General

  • Target

    59bdfeadc9becdab96fe6110bd33ef9c.bin

  • Size

    940KB

  • Sample

    230612-b672vsad93

  • MD5

    97f943d31748f0b4c5db4475e0e9f09d

  • SHA1

    4c64bfbb92804915562ea4db27f62076fd95688d

  • SHA256

    5ac3619566ff131100970cb38317af15c0c67ee29582e2ad634c2f4b1a6e8103

  • SHA512

    f3e6158d4a76ab76adc8e8c1732b0c76a879875ffdd47494e6d3c76b4d97f6a9d22c611bc76317636a50c8f0e480585967ba975fdc8c14c8054865e1540b54db

  • SSDEEP

    24576:G9REOCnu9WFTixG+mM+Bn7Uu+4ZFXfRfCFOejhIK:GMHnfFTP+Kn7/PFJfSlb

Score
10/10

Malware Config

Targets

    • Target

      d224dfde2a5b1d9d11cf216aadcc86cf33364aa44d8b76d8528d14183900e221.exe

    • Size

      2.7MB

    • MD5

      59bdfeadc9becdab96fe6110bd33ef9c

    • SHA1

      33a4738eae2b0bae7f374398753a67d8e9f6ff52

    • SHA256

      d224dfde2a5b1d9d11cf216aadcc86cf33364aa44d8b76d8528d14183900e221

    • SHA512

      484314e4dbaaf42cf5977a01243679dd24febd0f6edd3f3d0a2849981cd17cf9424ce36fba4848db0bb8dff40d0e780756c74fa3882efcc88d6db3461f6c2c4f

    • SSDEEP

      12288:xoIuuRsY3/TwC7yA3bgH19Ay74Rcd6ijNqnW8feIX5GgvkUH7WEuQxXXTpr5qTYx:xDWHagHQk4agijNq6Eu8pn9yC

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks