Overview

overview

10

Static

static

1

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e22fdca86ebf199ba600299082ac4d7e33699a346353ff96445361117193428a

  • Size

    213KB

  • Sample

    230318-ffcv9abc75

  • MD5

    28df2ea6fc55b9173fd86b5267cbe5c7

  • SHA1

    a21eaee7a80585efd952942588634f27d1d17b36

  • SHA256

    e22fdca86ebf199ba600299082ac4d7e33699a346353ff96445361117193428a

  • SHA512

    9aebf8b2518ab04917387d8ebfa62dbeb8c661d9ad65ac6fa2090d93495307bbf7737c9787a0d2a147fed585fc5ea86c6603d4bf47491754eb7c118d6171edbd

  • SSDEEP

    6144:xmTrv/uwytIGNN5J83FITMr5dxAWGbbmQ6u:grv2wyDNXSoMFdxLGbbm8

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      e22fdca86ebf199ba600299082ac4d7e33699a346353ff96445361117193428a

    • Size

      213KB

    • MD5

      28df2ea6fc55b9173fd86b5267cbe5c7

    • SHA1

      a21eaee7a80585efd952942588634f27d1d17b36

    • SHA256

      e22fdca86ebf199ba600299082ac4d7e33699a346353ff96445361117193428a

    • SHA512

      9aebf8b2518ab04917387d8ebfa62dbeb8c661d9ad65ac6fa2090d93495307bbf7737c9787a0d2a147fed585fc5ea86c6603d4bf47491754eb7c118d6171edbd

    • SSDEEP

      6144:xmTrv/uwytIGNN5J83FITMr5dxAWGbbmQ6u:grv2wyDNXSoMFdxLGbbm8

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Downloads MZ/PE file

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks