Overview

overview

10

Static

static

3

ab0443c4b5...b3.exe

windows7-x64

10

ab0443c4b5...b3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ab0443c4b5ae89cd913377183852ecb3.exe

  • Size

    1.2MB

  • Sample

    231210-ts3jbshcd3

  • MD5

    ab0443c4b5ae89cd913377183852ecb3

  • SHA1

    23cf5fb65377cfe0af63adede50c50fb24dc32ab

  • SHA256

    8252f99b0f6c26c5c6360c896b26d2acf273ec3c68cf2d883fce4727fe926237

  • SHA512

    149ef11f5b394b29310bb43bac8dc7356fe08c8916359b85de8b05b6033c76cb3e230fcd7098bba9acaf7dfc4570aba479b6e9b05369043f1d24a7f5d78e7d7b

  • SSDEEP

    24576:vhH733J6mChDoplHDnS5DYL65kXy2eO9S0Q2eFctQU:JDMCljnK2ok9l9SX2L

Score
10/10
xmrigzgratminerrat

Malware Config

Targets

    • Target

      ab0443c4b5ae89cd913377183852ecb3.exe

    • Size

      1.2MB

    • MD5

      ab0443c4b5ae89cd913377183852ecb3

    • SHA1

      23cf5fb65377cfe0af63adede50c50fb24dc32ab

    • SHA256

      8252f99b0f6c26c5c6360c896b26d2acf273ec3c68cf2d883fce4727fe926237

    • SHA512

      149ef11f5b394b29310bb43bac8dc7356fe08c8916359b85de8b05b6033c76cb3e230fcd7098bba9acaf7dfc4570aba479b6e9b05369043f1d24a7f5d78e7d7b

    • SSDEEP

      24576:vhH733J6mChDoplHDnS5DYL65kXy2eO9S0Q2eFctQU:JDMCljnK2ok9l9SX2L

    Score
    10/10
    zgratratxmrigminer

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks