General

  • Target

    bgfbv.exe

  • Size

    216KB

  • Sample

    230319-qsva6saf3s

  • MD5

    ca341777340c9f6a7ba878b3e37fcf9c

  • SHA1

    07a04b16322d7b7ffb20d06da3f8b0b8d6758d3a

  • SHA256

    8591b86016fee0267755649d008dfb73d0d7ac44ff4bb27f94585477b2eb5924

  • SHA512

    461629756370df26e515b49467f18933d17f797a4c579b7ae67172c83b4951e654d3a4dffdb457121c95399c8c6a999e9d75343dcaa1efca0b40430ec5279e79

  • SSDEEP

    3072:ess1fPMY0xyVpX5sLRRQRo0PnPdvAP2JyCiNZOQGWpOeXNzxc2NA1YSlajLgYBRH:efPVvX5G8nFmnvOZWB6MAkgLs

Score
10/10

Malware Config

Targets

    • XMRig Miner payload

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Downloads MZ/PE file

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks