Overview

overview

10

Static

static

1

test13.exe

windows10-1703-x64

10

test13.exe

windows7-x64

10

test13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    test13.exe

  • Size

    5.6MB

  • Sample

    230522-nmjw5sgb32

  • MD5

    dd6511650167bd50c8baf3c321d68cd7

  • SHA1

    b7a0cf91f251935969e75628c080bf38f694e6c6

  • SHA256

    add2fd5a3d7d4280c417a6a195fcdca9fbf834329b644f9d84423f2413ac2d85

  • SHA512

    da4ca577eaf56b2d459549156c89213d20cce9e2d2c24003a35e7f0753398dc4538d508cf276adedbc635808bec6ffd61b2c94a881ecbc6a66c5911e24d4a32c

  • SSDEEP

    98304:tR4QavOFDCN/Li9/oDsBaSnEolKi8JBoazSzZMrq7g2FWO2kBcQf41/9UMbKTurd:tnaEDCNOp5EolKi8JTS2wg2FWO2kP41R

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      test13.exe

    • Size

      5.6MB

    • MD5

      dd6511650167bd50c8baf3c321d68cd7

    • SHA1

      b7a0cf91f251935969e75628c080bf38f694e6c6

    • SHA256

      add2fd5a3d7d4280c417a6a195fcdca9fbf834329b644f9d84423f2413ac2d85

    • SHA512

      da4ca577eaf56b2d459549156c89213d20cce9e2d2c24003a35e7f0753398dc4538d508cf276adedbc635808bec6ffd61b2c94a881ecbc6a66c5911e24d4a32c

    • SSDEEP

      98304:tR4QavOFDCN/Li9/oDsBaSnEolKi8JBoazSzZMrq7g2FWO2kBcQf41/9UMbKTurd:tnaEDCNOp5EolKi8JTS2wg2FWO2kP41R

    Score
    10/10
    xmrigminer

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v6

Tasks