General

  • Target

    09a29f3b529c5e9ab25a47973bb0900a.bin

  • Size

    32KB

  • Sample

    230405-bcsebach5y

  • MD5

    201b80798f04b822d306408638420457

  • SHA1

    c168dd1586a0dcc6d72d1750e5aed658a98ed3ba

  • SHA256

    ba67e84bc51e90cd7e592540994f48d0ff0975f6f2e6512506dc60fbc40deb20

  • SHA512

    317522cf1b54c8294c7ddcb3413ae25fba9b596b202f4afb3cd2ab094df7d72ef3fd2a31f846dcad2fa5405af1acad8ab2134c128fef608e39792fd2f9106e07

  • SSDEEP

    384:ZAQZ6bszpTUETlLmUvBzyP4GocyvSQ1MhGf9VoXhN9fuTMIFnRFPsfQwG9ks4I5k:S06babQQHMhGfi1+j0owylX3azazRBgF
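Before working from a sandbox report, confirm that the file on your disk is the one the report describes. The following Python helper is an added example, not part of the sandbox report or its tooling: it hashes a local file with the four algorithms listed above, reports which digests disagree with the report, checks the MZ/PE header that the "Downloads MZ/PE file" signature refers to, and checks the naming relation visible on this page (the submitted 32KB file is named after the MD5 of the 62KB dropped target listed under "Targets"). The hash values are copied from this page; the helper and function names are the example's own. SSDEEP is omitted because it needs a third-party library.

```python
import hashlib

# Digests copied from the report: the submitted 32KB file ("General") and the
# 62KB dropped target listed under "Targets". Note that the dropped file's MD5
# is also the submitted file's name.
REPORT_SUBMITTED = {
    "name": "09a29f3b529c5e9ab25a47973bb0900a.bin",
    "md5": "201b80798f04b822d306408638420457",
    "sha1": "c168dd1586a0dcc6d72d1750e5aed658a98ed3ba",
    "sha256": "ba67e84bc51e90cd7e592540994f48d0ff0975f6f2e6512506dc60fbc40deb20",
}
REPORT_DROPPED = {
    "name": "33035a718f5445742b82707f0ba6aff80337cac1e89b6b3b8b51177c7f9f578a.bin",
    "md5": "09a29f3b529c5e9ab25a47973bb0900a",
    "sha1": "b8dce851d01dbe0335f11fa8449b52a2270776e6",
    "sha256": "33035a718f5445742b82707f0ba6aff80337cac1e89b6b3b8b51177c7f9f578a",
}
ALGOS = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes) -> dict:
    """Return lowercase hex digests of data for every algorithm in ALGOS."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGOS}


def verify(data: bytes, expected: dict) -> list:
    """Return the algorithm names whose digest of data differs from expected.
    Keys of expected that are not hash algorithms (e.g. "name") are ignored."""
    got = digests(data)
    return sorted(a for a in ALGOS if a in expected and got[a] != expected[a].lower())


def is_pe(data: bytes) -> bool:
    """True when data starts with an MZ header whose e_lfanew field points at
    the 'PE\\0\\0' signature, i.e. the minimal check before handing a dropped
    file to a real PE parser."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def dropped_name_matches_md5(submitted: dict, dropped: dict) -> bool:
    """Check the naming relation shown in the report: the submitted file is
    named after the dropped file's MD5."""
    return submitted["name"].lower() == dropped["md5"].lower() + ".bin"


def check_sample(path: str, expected: dict) -> dict:
    """Hash a local file and compare it against the report's values."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"mismatches": verify(data, expected), "pe": is_pe(data)}


if __name__ == "__main__":
    import sys
    print("name/MD5 relation holds:", dropped_name_matches_md5(REPORT_SUBMITTED, REPORT_DROPPED))
    if len(sys.argv) > 1:
        # e.g. python3 check_sample.py 09a29f3b529c5e9ab25a47973bb0900a.bin
        print(check_sample(sys.argv[1], REPORT_SUBMITTED))
```

An empty `mismatches` list means every digest the report lists matches; a non-empty list on a file you believe is the same sample usually means you have a different build, a repacked copy, or the dropped payload rather than the submitted container.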

Score
10/10

Malware Config

Targets

    • Target

      33035a718f5445742b82707f0ba6aff80337cac1e89b6b3b8b51177c7f9f578a.bin

    • Size

      62KB

    • MD5

      09a29f3b529c5e9ab25a47973bb0900a

    • SHA1

      b8dce851d01dbe0335f11fa8449b52a2270776e6

    • SHA256

      33035a718f5445742b82707f0ba6aff80337cac1e89b6b3b8b51177c7f9f578a

    • SHA512

      35e92a26fc392b15eb7fd78ca1f6a6c08afe42ed535fd020237215d7f4db0f66fa0676eb70d646f8790c9724c30c605a99b33cf6a6c84c3de78f6061f1a48efb

    • SSDEEP

      1536:s2JbaiIZApuLzOgkx9MbEze4g3ViceSITKdU:dbahZApuL1kx9MbEze4g3ViceYO

    Score
    10/10
    • XMRig Miner payload

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner. The miner itself is legitimate software; what this signature flags is the sample delivering it as a dropped payload and persisting it, which is why the dropped target scores 10/10.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                Technique                            ID     Count
  Execution             Scheduled Task                       T1053  1
  Persistence           Registry Run Keys / Startup Folder   T1060  1
  Persistence           Scheduled Task                       T1053  1
  Privilege Escalation  Scheduled Task                       T1053  1
  Defense Evasion       Modify Registry                      T1112  1
  Command and Control   Web Service                          T1102  1

  The IDs follow ATT&CK v6, as the report states. In current ATT&CK, T1060 has been retired into T1547.001 (Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder) and scheduled-task creation is the sub-technique T1053.005 (Scheduled Task/Job: Scheduled Task); translate the IDs before matching them against a current detection catalogue.
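The signature list and the matrix above describe four host-observable behaviours: a Run key being added, a scheduled task being created, a registry value being modified, and a legitimate web service being contacted. The Python below is an added example, not part of the sandbox report, showing how those behaviours map onto Sysmon-style telemetry: it runs a small rule set over constructed events (Registry value set, ID 13; process create, ID 1; DNS query, ID 22) and returns findings tagged with the v6 technique IDs the report uses. The event records, the watchlist of hosting services, and all function names are the example's own assumptions; the report does not name the service this sample abused.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "technique name evidence")

# Patterns for the behaviours in the report. RUN_KEY covers Run and RunOnce
# under HKLM, HKCU or HKU; SCHTASKS_CREATE catches task creation via schtasks.exe.
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)
SCHTASKS_CREATE = re.compile(r"\bschtasks(\.exe)?\b.*?/create\b", re.I)
USER_WRITABLE = re.compile(r"\\(Users\\Public|AppData|Temp|ProgramData)\\", re.I)

# Assumed watchlist of legitimate hosting services that get abused for payload
# hosting and C2 (example data; the report does not say which one this sample used).
ABUSED_HOSTING = (
    "raw.githubusercontent.com", "github.com", "pastebin.com",
    "cdn.discordapp.com", "transfer.sh",
)

# Constructed Sysmon-style events for the example; they are not taken from the report.
EVENTS = [
    {"EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\Public\svchost.exe"},
    {"EventID": 1, "Image": r"C:\Windows\System32\schtasks.exe",
     "CommandLine": r"schtasks /create /sc minute /mo 5 /tn Updater /tr C:\Users\Public\svchost.exe /f"},
    {"EventID": 22, "Image": r"C:\Users\Public\svchost.exe", "QueryName": "raw.githubusercontent.com"},
    {"EventID": 1, "Image": r"C:\Windows\explorer.exe", "CommandLine": "explorer.exe"},
    {"EventID": 13,
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000002)"},
]


def on_watchlist(host: str) -> bool:
    """Exact or subdomain match only, so 'evilgithub.com' does not match 'github.com'."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in ABUSED_HOSTING)


def map_event(ev: dict):
    """Return a Finding for one event, or None when no rule applies."""
    eid = ev.get("EventID")
    if eid == 13:
        target = ev.get("TargetObject", "")
        details = ev.get("Details", "")
        if RUN_KEY.search(target):
            note = target + " -> " + details
            if USER_WRITABLE.search(details):
                # A Run value pointing into a user-writable directory is the
                # classic dropper pattern and deserves a higher severity.
                note += " (user-writable path)"
            return Finding("T1060", "Registry Run Keys / Startup Folder", note)
        # Coarse mapping: any other value set becomes Modify Registry. A
        # production rule would scope this to sensitive keys to keep noise down.
        return Finding("T1112", "Modify Registry", target)
    if eid == 1:
        cmd = ev.get("CommandLine", "")
        if SCHTASKS_CREATE.search(cmd):
            return Finding("T1053", "Scheduled Task", cmd)
    if eid in (3, 22):
        host = ev.get("QueryName") or ev.get("DestinationHostname") or ""
        if on_watchlist(host):
            return Finding("T1102", "Web Service", host)
    return None


def map_events(events) -> list:
    """Run every event through map_event and keep the hits."""
    return [f for f in map(map_event, events) if f is not None]


def technique_ids(events) -> list:
    """Sorted, de-duplicated technique IDs, comparable to the report's matrix."""
    return sorted({f.technique for f in map_events(events)})


if __name__ == "__main__":
    for f in map_events(EVENTS):
        print(f.technique, f.name, "|", f.evidence)
    print(technique_ids(EVENTS))
```

On the constructed events the rule set produces exactly the four IDs in the report's matrix. The same approach works on real Sysmon XML or EVTX exports once the fields are loaded into dictionaries; the coarse T1112 rule is where most tuning will be needed.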
