Overview

overview

10

Static

static

10

NEAS.4816d...60.exe

windows7-x64

10

NEAS.4816d...60.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.4816db924913621c2727f85dd1165160.exe

  • Size

    2.2MB

  • Sample

    231115-kjpfnsgd3y

  • MD5

    4816db924913621c2727f85dd1165160

  • SHA1

    89d1666d2814464ec63d6133a5cd784836472e9d

  • SHA256

    d43c493e91274c0da1a38fa396ebd2a59a5b175c2e7f39f5dca9950d78ef538c

  • SHA512

    202417c5969908ed53f43bcd88a0f82996b7f06a81352a9a51c835be3adcd01d24f194127757572350d527a18d291ce02414068e5ee9fe65f0cd68b6ff88d711

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vr5s1PTNPa:NAB+

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      NEAS.4816db924913621c2727f85dd1165160.exe

    • Size

      2.2MB

    • MD5

      4816db924913621c2727f85dd1165160

    • SHA1

      89d1666d2814464ec63d6133a5cd784836472e9d

    • SHA256

      d43c493e91274c0da1a38fa396ebd2a59a5b175c2e7f39f5dca9950d78ef538c

    • SHA512

      202417c5969908ed53f43bcd88a0f82996b7f06a81352a9a51c835be3adcd01d24f194127757572350d527a18d291ce02414068e5ee9fe65f0cd68b6ff88d711

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vr5s1PTNPa:NAB+

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks