General

  • Target

    78b7fad85d9e1028dd509a065f2ee4a0

  • Size

    2.0MB

  • Sample

    240126-3vrpaaghc8

  • MD5

    78b7fad85d9e1028dd509a065f2ee4a0

  • SHA1

    95aad6e242b0e169331dae4d20f096be30c2db2d

  • SHA256

    1066f326d18e0536099f11d576a3d084b1ecf9d7dc93dc5729864ea0c852f054

  • SHA512

    c0522dd75368473bf5bc4fd8585105683c3bbba359b2d6097ff92931b3f66aba8d8c69536509b0ffe980dcc71997529132b72ed8768bc164ba819b5695dc624c

  • SSDEEP

    49152:oszK1/cwsRhfkBTGRHOw8qhkul2UJcbDfkcv:oUZwEk8Rubqh3+s

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks