General

  • Target

    6ed6386becd96891e15a4b71c1be56ec

  • Size

    2.6MB

  • Sample

    231226-precwsbhbr

  • MD5

    6ed6386becd96891e15a4b71c1be56ec

  • SHA1

    a467e9282a6a40793d84620dc109f575205fdd4d

  • SHA256

    58612c41719c153b5f066b69c22dfd826e395b055bfcdccc32637fb6cb1791e9

  • SHA512

    42e6b298a173589f70112ffcdc87fd99738e7acf580093741066c464f5c8be89583969ea0dd6817aba9865d2af33cdb0e45820d03101fc466fb802182d9b93c1

  • SSDEEP

    49152:nQ2hnLrWU5N6f2qzsKjWeg+dO2vF4bG20r0e/Zebz9DMhIRrACqKidpM:njDsoKjWKdOGFs0r769wkULjM

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks