General

  • Target

    38b8e8f6b3b51b0d2f1c01bb57cd5531

  • Size

    1.4MB

  • Sample

    231231-q53hbaaea6

  • MD5

    38b8e8f6b3b51b0d2f1c01bb57cd5531

  • SHA1

    f35ee5d2d7ff20e8c4c98ae6750aad8b2ab4fcb4

  • SHA256

    2cb028a6837a6ae9da35962dab2c99073d92260bcac718d20ce24256102c2212

  • SHA512

    8807ef7f2b2ea7e8ca75d52c4ec3783e773acf14999081d48b7e5d8c07a20782031cfa4799d87e6ca80d9305b307142253387e6bee4dd20610e6cc5d15f2a442

  • SSDEEP

    24576:XHpjjVirRNHUo+UmSPl2BvAZoqxgh/JSJa3iCqyygt4YcoeZSCv:XJjjupPVZoqxgKayLgiExCv

Score
10/10

Malware Config

Targets

    • Target

      38b8e8f6b3b51b0d2f1c01bb57cd5531

    • Size

      1.4MB

    • MD5

      38b8e8f6b3b51b0d2f1c01bb57cd5531

    • SHA1

      f35ee5d2d7ff20e8c4c98ae6750aad8b2ab4fcb4

    • SHA256

      2cb028a6837a6ae9da35962dab2c99073d92260bcac718d20ce24256102c2212

    • SHA512

      8807ef7f2b2ea7e8ca75d52c4ec3783e773acf14999081d48b7e5d8c07a20782031cfa4799d87e6ca80d9305b307142253387e6bee4dd20610e6cc5d15f2a442

    • SSDEEP

      24576:XHpjjVirRNHUo+UmSPl2BvAZoqxgh/JSJa3iCqyygt4YcoeZSCv:XJjjupPVZoqxgKayLgiExCv

    Score
    10/10

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks