General
Target: setup.exe
Size: 258KB
Sample: 230331-a2b8ysga38
MD5: 041b96460a5646b883436e0b327829eb
SHA1: 52cff10434f104bda83a988f34c6206563d458b5
SHA256: 831de4f721d72790aa397a9f8ad7b02eaf86b4d522748452922260b0b2127d92
SHA512: 1182b0eaac12030b3a90e701ba0c1973bcbbeec0283341a84980648bcab23d4a8bc4bddb49197783d5ca0adb6f236ee7e46ea22e640b8f6cd74487dc3aac96ba
SSDEEP: 6144:otjpISgwKH0fqmTSyteqsmri+c2Y7PFT5X8WBIP0GQkA7Hi6SicHQ9:mjRgwnf9Wmri+c2WPF9XsP0GQkALSnu
Static task: static1
Behavioral task: behavioral1
Sample: setup.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: setup.exe
Size: 258KB
- XMRig Miner payload
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext