Overview

overview

10

Static

static

1

Iqqsqekw.exe

windows7-x64

7

Iqqsqekw.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Iqqsqekw.exe

  • Size

    567KB

  • Sample

    230327-a9gteaag67

  • MD5

    08c102c70a4ed360d28b0d327665dde3

  • SHA1

    38807c8adb216a23a0c5779f588348f8feaf455e

  • SHA256

    c0f8680cf2c86e01c093eb988a77b9506c4c46c35e338de762af3ec1e40b9cc7

  • SHA512

    87f4211808fdb2c5710afb840a8e3c6652cd40e6027ab6baf51cd600dd200d0064c5c945e185d08c7154d0774093b18e21d70059780da64a86c5639ee0474ec6

  • SSDEEP

    12288:oIXjzItkb1oh4+ZrJL7a6SDwKzhi7koikgqfmgJvLdz:oKzIty1J+tJ7OP5oikgqfZD

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      Iqqsqekw.exe

    • Size

      567KB

    • MD5

      08c102c70a4ed360d28b0d327665dde3

    • SHA1

      38807c8adb216a23a0c5779f588348f8feaf455e

    • SHA256

      c0f8680cf2c86e01c093eb988a77b9506c4c46c35e338de762af3ec1e40b9cc7

    • SHA512

      87f4211808fdb2c5710afb840a8e3c6652cd40e6027ab6baf51cd600dd200d0064c5c945e185d08c7154d0774093b18e21d70059780da64a86c5639ee0474ec6

    • SSDEEP

      12288:oIXjzItkb1oh4+ZrJL7a6SDwKzhi7koikgqfmgJvLdz:oKzIty1J+tJ7OP5oikgqfZD

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks