Overview

overview

10

Static

static

1

tmp.exe

windows7-x64

7

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    569KB

  • Sample

    230315-jl9zqaea9x

  • MD5

    44141a0e32ba57ab5c42a7d18a3745ce

  • SHA1

    ca3300147a6777904baffd74d70b2c79d6dced72

  • SHA256

    8701f0c0b71ac2f9214a565721adadff6bfad4705e219d712f0742b03b7be518

  • SHA512

    757c2d25f29a85daf79fa9fe45905e0612cd8052f9586dc08f8ad0218ce5de6281ae172841b04620dabec37b440fb5fd949337018d349a6f088971e7ef1e171c

  • SSDEEP

    12288:l+Q5UdA+06SBPOZLVeIQYSsWmal37ckvPG9o8z:EQ5UdT06SVwVfQfsf03Ak29o8z

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      tmp

    • Size

      569KB

    • MD5

      44141a0e32ba57ab5c42a7d18a3745ce

    • SHA1

      ca3300147a6777904baffd74d70b2c79d6dced72

    • SHA256

      8701f0c0b71ac2f9214a565721adadff6bfad4705e219d712f0742b03b7be518

    • SHA512

      757c2d25f29a85daf79fa9fe45905e0612cd8052f9586dc08f8ad0218ce5de6281ae172841b04620dabec37b440fb5fd949337018d349a6f088971e7ef1e171c

    • SSDEEP

      12288:l+Q5UdA+06SBPOZLVeIQYSsWmal37ckvPG9o8z:EQ5UdT06SVwVfQfsf03Ak29o8z

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks