Overview

overview

10

Static

static

1

tmp.exe

windows7-x64

3

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    tmp

  • Size

    2.8MB

  • Sample

    230316-wchkbscb68

  • MD5

    a1f7bd3a021e8c779ee8dab8b13aa875

  • SHA1

    d097479513bc57e740220dee1a03820b4f2b3b7c

  • SHA256

    bcb7f74cabff9b520fccd6afa1f8d6711fc004b4ad13c49849ee90978fc7873e

  • SHA512

    0e536c7a11cc7074d2847fd85eb8ac99e4e0d421d7f27838b55f14d500d8557dc7cde76b57f009e6b40118caa11f042305d926addadad5c241ae496a94e28a12

  • SSDEEP

    24576:NDVF5mkwaAr+A+7eGNkqFp4/Bma+mxY4eHGs8E9Ot09OX7l348A5NyvCh1WGn0LZ:LuL3r+A+/N/L4/BFxY+CYfORu4cIPA

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      tmp

    • Size

      2.8MB

    • MD5

      a1f7bd3a021e8c779ee8dab8b13aa875

    • SHA1

      d097479513bc57e740220dee1a03820b4f2b3b7c

    • SHA256

      bcb7f74cabff9b520fccd6afa1f8d6711fc004b4ad13c49849ee90978fc7873e

    • SHA512

      0e536c7a11cc7074d2847fd85eb8ac99e4e0d421d7f27838b55f14d500d8557dc7cde76b57f009e6b40118caa11f042305d926addadad5c241ae496a94e28a12

    • SSDEEP

      24576:NDVF5mkwaAr+A+7eGNkqFp4/Bma+mxY4eHGs8E9Ot09OX7l348A5NyvCh1WGn0LZ:LuL3r+A+/N/L4/BFxY+CYfORu4cIPA

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks