General

  • Target

    9e3f6bba3a31660f8574d3218999d340b7531d8eed3b0390f52c11d368f24b2f

  • Size

    234KB

  • Sample

    230326-178gfscc5y

  • MD5

    a8451e3c0020c7fcbedab7c6bf270094

  • SHA1

    a79f34a5c01636b4f6b60cb711335b3456c864f2

  • SHA256

    9e3f6bba3a31660f8574d3218999d340b7531d8eed3b0390f52c11d368f24b2f

  • SHA512

    d5f115eaad7fd862ab0215d348c54bc8ba3ab3038dfe9fba810e1482af354226e7a14eee10016ba7e1ddb06b9534676f8ed6ad0ab569997a3597099bb305090b

  • SSDEEP

    3072:h2dxRh+vFcQw3yqRSa2zpNfazD7ZaDiDNO9R60u2aDnKsozwsYFIYLSFjtfPbax:h2Tr+v+QokRaZMxooYFrLSFjt3

Score
10/10

Malware Config

Targets

    • XMRig Miner payload

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • Downloads MZ/PE file

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks