Overview

overview

10

Static

static

1

win.bat

windows10-1703-x64

10

win_1.bat

windows10-1703-x64

10

win_10.bat

windows10-1703-x64

10

win_11.bat

windows10-1703-x64

10

win_12.bat

windows10-1703-x64

10

win_13.bat

windows10-1703-x64

10

win_14.bat

windows10-1703-x64

10

win_15.bat

windows10-1703-x64

10

win_2.bat

windows10-1703-x64

10

win_3.bat

windows10-1703-x64

10

win_4.bat

windows10-1703-x64

10

win_5.bat

windows10-1703-x64

10

win_6.bat

windows10-1703-x64

10

win_7.bat

windows10-1703-x64

10

win_8.bat

windows10-1703-x64

10

win_9.bat

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    F2pool.zip

  • Size

    8KB

  • Sample

    230630-smp6daef3v

  • MD5

    b37f9fbaa78c6527a32fc6cccbc68230

  • SHA1

    cda97d9711f9cf30f4f443acb82fae8ebe728a15

  • SHA256

    552f283f900b86a8088ac84fd4d0327403620e308d71a0549490560cd8808933

  • SHA512

    f8868a7742c4263b6f86d72409b491c004190eecfd57cad5a6c422446702e308dd2d31c92081ec91fdebc9ff151766f72c185fbecf67924f391c7b9b87d84c8d

  • SSDEEP

    96:H2bMbPbIb9bGbjbMbxbabPbIb9bGbrb0CnPDUcTOpDJtprODqKGq:WoDsR6vodmDsR63QG

Score
10/10
upx

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://github.com/rplant8/cpuminer-opt-rplant/releases/latest/download/cpuminer-opt-win.zip

Targets

    • Target

      win.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

    • Target

      win_1.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral2

    • Target

      win_10.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral3

    • Target

      win_11.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral4

    • Target

      win_12.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5

    • Target

      win_13.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10

    • Blocklisted process makes network request

    behavioral6

    • Target

      win_14.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral7

    • Target

      win_15.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10

    • Blocklisted process makes network request

    behavioral8

    • Target

      win_2.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral9

    • Target

      win_3.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral10

    • Target

      win_4.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral11

    • Target

      win_5.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral12

    • Target

      win_6.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10

    • Blocklisted process makes network request

    behavioral13

    • Target

      win_7.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral14

    • Target

      win_8.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral15

    • Target

      win_9.bat

    • Size

      679B

    • MD5

      18842e3757e17e2733c7460f7a56d4fd

    • SHA1

      620080cdd5c84a38aac23210a35558ec8f2086e2

    • SHA256

      66cd9049152d3e9507ca112e1a0609ff8a2ecd53fc306128a0129da7d73b0d83

    • SHA512

      08e221ae077c6bbd39272ecb106d0744ef28d15c2d1cc79ff0bb201eeedd20af3e132240fcc29b797b83073a0a16beb5ca6a24d7f181385e0337466cc976a4b0

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral16

MITRE ATT&CK Matrix

Tasks