General

  • Target

    afef5d166670497a64ef81f1f2061524.bin

  • Size

    838KB

  • Sample

    230706-cc4m1saa4s

  • MD5

    be5c514cd2e6e9102ddc46a1dccd8408

  • SHA1

    7dd6e1c33e215d6533d6fbc2ae0850c60103570c

  • SHA256

    87902a3c730dd8229cb2a1b055ca95bd6ac7228ef5a921c4f9144a7df9f74f6a

  • SHA512

    195b4b3644051e72fd7b2b528ddb71fbe8c3d4cb6d173146febb9ef373cfde2dfe4f0dd0c7bcbcac4b72e4eb84470627fe5dea503fb3abe2d2d9104366ef93f9

  • SSDEEP

    12288:fFHMEsXMy0HrkgXo3wrNBVkvT3U17v4DzX7UEBAAAf2MLsRpJSENijR0lh7iHwdD:NHMEst0LkgXnm73U17vmAfGJSxN+dM0

Score
10/10

Malware Config

Targets

    • Target

      8cdc020d39d4378285c7327611ccf8c31fc2e6789d3e5784ea47012d13035331.exe

    • Size

      1.9MB

    • MD5

      afef5d166670497a64ef81f1f2061524

    • SHA1

      b0a689dcc3be4c211f9db665958696b21c98d33c

    • SHA256

      8cdc020d39d4378285c7327611ccf8c31fc2e6789d3e5784ea47012d13035331

    • SHA512

      b9f71097c615be9406362f7ed9a02a794430b45930d7a1626f7d488d40d69caf580db92e4bbdec5c01d5a7de9ab1f4f5a4d4848948c0b291277cd05f648af067

    • SSDEEP

      24576:CCcQUvMemoohN2pruSwiPSCmDS+5uSldPNEQ/Lx:PtMMhYruSwiPSCmDS+5uSldPWQD

    Score
    10/10

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks