Overview

overview

10

Static

static

10

NEAS.e7df2...70.exe

windows7-x64

10

NEAS.e7df2...70.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.e7df28f006a8521d58552dfc3cf0ff70.exe

  • Size

    941KB

  • Sample

    231014-j8wevahf5z

  • MD5

    e7df28f006a8521d58552dfc3cf0ff70

  • SHA1

    089ac082522114cb28c3c38f7b708ea000237fbc

  • SHA256

    cacf5bc25f097be263f7d776fc7ee1d7d7cf9880a718b3f5ed4425eae3d0d267

  • SHA512

    28dddf316ef0f70a1f42e6696a03513df18e2065a05744d13b8f373dd1354f00faff06aa3e7e198a96e28c0f2d95016bb8bb8c9c0997d81a7f18bcb5caa186fe

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmARfHli0g:ROdWCCi7/raZ5aIwC+ABhg

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      NEAS.e7df28f006a8521d58552dfc3cf0ff70.exe

    • Size

      941KB

    • MD5

      e7df28f006a8521d58552dfc3cf0ff70

    • SHA1

      089ac082522114cb28c3c38f7b708ea000237fbc

    • SHA256

      cacf5bc25f097be263f7d776fc7ee1d7d7cf9880a718b3f5ed4425eae3d0d267

    • SHA512

      28dddf316ef0f70a1f42e6696a03513df18e2065a05744d13b8f373dd1354f00faff06aa3e7e198a96e28c0f2d95016bb8bb8c9c0997d81a7f18bcb5caa186fe

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmARfHli0g:ROdWCCi7/raZ5aIwC+ABhg

    Score
    10/10
    xmrigminerupx

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks