Overview

overview

10

Static

static

1

setup.exe

windows7-x64

5

setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    setup.exe

  • Size

    254KB

  • Sample

    230327-a2xjwsag35

  • MD5

    033e6af2279b3369bb2e84380ba16e06

  • SHA1

    ce48d90ad361f8b3c02a0191ac0f03901b49a34a

  • SHA256

    1dea3e86c77debbf0bc3446255b287327cab8bbf8194fb96d64b598d2ef65dab

  • SHA512

    5306be70bf8a178bf43c667b732054ca1bbe3f90c1251f7163b9727f823928e3c140a96fe29ef9f6c34f0d15804274db058c007fb206df0b2ab26f6aec9dd89e

  • SSDEEP

    3072:xl19lw0riDYFmfs/6uycZ4koUoq3c4GGYIuoBOqIBjmFPokgaLnOnnZNBhFw7R7x:vlw0hus3OUiGYD3oPRgauNBo7

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      setup.exe

    • Size

      254KB

    • MD5

      033e6af2279b3369bb2e84380ba16e06

    • SHA1

      ce48d90ad361f8b3c02a0191ac0f03901b49a34a

    • SHA256

      1dea3e86c77debbf0bc3446255b287327cab8bbf8194fb96d64b598d2ef65dab

    • SHA512

      5306be70bf8a178bf43c667b732054ca1bbe3f90c1251f7163b9727f823928e3c140a96fe29ef9f6c34f0d15804274db058c007fb206df0b2ab26f6aec9dd89e

    • SSDEEP

      3072:xl19lw0riDYFmfs/6uycZ4koUoq3c4GGYIuoBOqIBjmFPokgaLnOnnZNBhFw7R7x:vlw0hus3OUiGYD3oPRgauNBo7

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Downloads MZ/PE file

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks