Overview

overview

10

Static

static

10

64944a1f7d...b4.exe

windows7-x64

10

64944a1f7d...b4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    64944a1f7d846006e04b6101d40a28b4

  • Size

    1.2MB

  • Sample

    231203-ettkgshd7x

  • MD5

    64944a1f7d846006e04b6101d40a28b4

  • SHA1

    139989bce70344cee6a009cbe197e43c263aa6a5

  • SHA256

    311a3b7def97fc40fd72447b9e581401e5dcb7ecb6fc75e160035c87746452fa

  • SHA512

    da01745a7bdefaaaa698d20b8c4c3f9a223dc49886d86560b42916f9b168249c54b6360ceebe18b5400f500247eafd8513c49cdc018995f7e770b3d775939dba

  • SSDEEP

    24576:yV4G6JWrIWNuFYRF4Bs2kpvjpqzeRVXJIcXStT:y4WrIWMietCvjtRVJCJ

Score
10/10
purelogsxmrigzgratminerratstealer

Malware Config

Targets

    • Target

      64944a1f7d846006e04b6101d40a28b4

    • Size

      1.2MB

    • MD5

      64944a1f7d846006e04b6101d40a28b4

    • SHA1

      139989bce70344cee6a009cbe197e43c263aa6a5

    • SHA256

      311a3b7def97fc40fd72447b9e581401e5dcb7ecb6fc75e160035c87746452fa

    • SHA512

      da01745a7bdefaaaa698d20b8c4c3f9a223dc49886d86560b42916f9b168249c54b6360ceebe18b5400f500247eafd8513c49cdc018995f7e770b3d775939dba

    • SSDEEP

      24576:yV4G6JWrIWNuFYRF4Bs2kpvjpqzeRVXJIcXStT:y4WrIWMietCvjtRVJCJ

    Score
    10/10
    purelogszgratratstealerxmrigminer

    • Detect PureLogs payload

    • Detect ZGRat V1

    • PureLogs

      PureLogs is an infostealer written in C#.

      stealerpurelogs

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks