Overview
overview
10Static
static
1tesy - Copy (10).bat
windows10-1703-x64
10tesy - Copy (11).bat
windows10-1703-x64
10tesy - Copy (12).bat
windows10-1703-x64
10tesy - Copy (13).bat
windows10-1703-x64
10tesy - Copy (14).bat
windows10-1703-x64
10tesy - Copy (2).bat
windows10-1703-x64
10tesy - Copy (3).bat
windows10-1703-x64
10tesy - Copy (4).bat
windows10-1703-x64
10tesy - Copy (5).bat
windows10-1703-x64
10tesy - Copy (6).bat
windows10-1703-x64
10tesy - Copy (7).bat
windows10-1703-x64
10tesy - Copy (8).bat
windows10-1703-x64
10tesy - Copy (9).bat
windows10-1703-x64
10tesy - Copy.bat
windows10-1703-x64
10tesy.bat
windows10-1703-x64
10General
-
Target
NM.zip
-
Size
8KB
-
Sample
240124-fqzg1abcgn
-
MD5
afdb6e69ea3871a344893fa2494c5f74
-
SHA1
20a0c292f69761c186a07f3643492c2605e5a075
-
SHA256
04cf0194fb37bcc19b2b63904d84a74c720b64b7938620fdf971bb98a8f47ccd
-
SHA512
156c21ecf75a96ba1886fa9ce90e9074de4b88f62545bdd1dbedc0346cb5b55b23317135c264db60a975e410d08e2059d78532358247fb9db37249ddba112f2f
-
SSDEEP
96:IP2bBP22P2vP2AP2mP2fP2hKP2ZP2qP2zP2EP2NP2DP2oP20wKk:i8BC/j8GE+/IpqEDwKk
Static task
static1
Behavioral task
behavioral1
Sample
tesy - Copy (10).bat
Resource
win10-20231215-en
Behavioral task
behavioral2
Sample
tesy - Copy (11).bat
Resource
win10-20231215-en
Behavioral task
behavioral3
Sample
tesy - Copy (12).bat
Resource
win10-20231215-en
Behavioral task
behavioral4
Sample
tesy - Copy (13).bat
Resource
win10-20231215-en
Behavioral task
behavioral5
Sample
tesy - Copy (14).bat
Resource
win10-20231215-en
Behavioral task
behavioral6
Sample
tesy - Copy (2).bat
Resource
win10-20231215-en
Behavioral task
behavioral7
Sample
tesy - Copy (3).bat
Resource
win10-20231215-en
Behavioral task
behavioral8
Sample
tesy - Copy (4).bat
Resource
win10-20231215-en
Behavioral task
behavioral9
Sample
tesy - Copy (5).bat
Resource
win10-20231215-en
Behavioral task
behavioral10
Sample
tesy - Copy (6).bat
Resource
win10-20231215-en
Behavioral task
behavioral11
Sample
tesy - Copy (7).bat
Resource
win10-20231215-en
Behavioral task
behavioral12
Sample
tesy - Copy (8).bat
Resource
win10-20231215-en
Behavioral task
behavioral13
Sample
tesy - Copy (9).bat
Resource
win10-20231215-en
Behavioral task
behavioral14
Sample
tesy - Copy.bat
Resource
win10-20231215-en
Malware Config
Extracted
https://github.com/xmrig/xmrig/releases/download/v6.21.0/xmrig-6.21.0-gcc-win64.zip
Targets
-
-
Target
tesy - Copy (10).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (11).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (12).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (13).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (14).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (2).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (3).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (4).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (5).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (6).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (7).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (8).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy (9).bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy - Copy.bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
-
-
Target
tesy.bat
-
Size
608B
-
MD5
727c8da0478af118c957ae60f7161cab
-
SHA1
cf18105b8659e93bbd2824fa35ef1bae7b395301
-
SHA256
97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab
-
SHA512
d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-