General
-
Target
ccaffcd12dcb30adb5250f30026ecd1e.bin
-
Size
4.1MB
-
Sample
230317-js811afa45
-
MD5
489156d1f70a1022a68d781ef45c9ff6
-
SHA1
8db1cc08eed99624c5cf38b87bf779979f892faa
-
SHA256
a44d659227b87e959a7807b9d85d2fd571665a4296590ed59114cc5b3ebf94f0
-
SHA512
22da74413f53c2e492dbbecaab38a09e96c6fddb942a3b2f3e1e0d3169e6adf7d1e15cc0447e8da34db7dd08aa25dc7ff0ecd2b06b8784a423990e668f45c0d6
-
SSDEEP
49152:2gPOeHehrDXAEP/e3I4MX9EegUAlyvwy2up7hdb8dRmPzYW6lvNTZSkkuQQsOdu9:F2eHeJne3I4Uau9vSmPsW6lvjJQ8dr8Z
Static task
static1
Behavioral task
behavioral1
Sample
fef75dbf20c3ba832b5ed9d057f26e61915501bae7c1e11c367793546c7713aa.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
fef75dbf20c3ba832b5ed9d057f26e61915501bae7c1e11c367793546c7713aa.exe
-
Size
4.3MB
-
MD5
ccaffcd12dcb30adb5250f30026ecd1e
-
SHA1
4048dc71db497f641a4f35eb00ac3c163c394978
-
SHA256
fef75dbf20c3ba832b5ed9d057f26e61915501bae7c1e11c367793546c7713aa
-
SHA512
a196e58aaff3f68e15df0de667541d103c78d0f8cf114ff3f5770444de1a30b0dc46c4d0dcafbc8bd81538660d401c57dc18de8b6b3769b81cc4e8ff7f316286
-
SSDEEP
98304:w1XNI4kmUg+DgxP1Wrj3DIIs0LHhjwSKVjV3:w9NInmUg5xqX/sCHhj7K5p
-
Modifies security service
-
XMRig Miner payload
-
Possible privilege escalation attempt
-
Stops running service(s)
-
Executes dropped EXE
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-