General
- Target: setup.exe
- Size: 254KB
- Sample: 230327-a2xjwsag35
- MD5: 033e6af2279b3369bb2e84380ba16e06
- SHA1: ce48d90ad361f8b3c02a0191ac0f03901b49a34a
- SHA256: 1dea3e86c77debbf0bc3446255b287327cab8bbf8194fb96d64b598d2ef65dab
- SHA512: 5306be70bf8a178bf43c667b732054ca1bbe3f90c1251f7163b9727f823928e3c140a96fe29ef9f6c34f0d15804274db058c007fb206df0b2ab26f6aec9dd89e
- SSDEEP: 3072:xl19lw0riDYFmfs/6uycZ4koUoq3c4GGYIuoBOqIBjmFPokgaLnOnnZNBhFw7R7x:vlw0hus3OUiGYD3oPRgauNBo7
Static task: static1
Behavioral task: behavioral1
- Sample: setup.exe
- Resource: win7-20230220-en
Malware Config
Targets
- Target: setup.exe
- Size: 254KB
- MD5: 033e6af2279b3369bb2e84380ba16e06
- SHA1: ce48d90ad361f8b3c02a0191ac0f03901b49a34a
- SHA256: 1dea3e86c77debbf0bc3446255b287327cab8bbf8194fb96d64b598d2ef65dab
- SHA512: 5306be70bf8a178bf43c667b732054ca1bbe3f90c1251f7163b9727f823928e3c140a96fe29ef9f6c34f0d15804274db058c007fb206df0b2ab26f6aec9dd89e
- SSDEEP: 3072:xl19lw0riDYFmfs/6uycZ4koUoq3c4GGYIuoBOqIBjmFPokgaLnOnnZNBhFw7R7x:vlw0hus3OUiGYD3oPRgauNBo7
- XMRig Miner payload
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext