Resubmissions
11-04-2024 09:34 240411-ljrrgabh4y 10
11-04-2024 09:34 240411-ljrfpsgf98 10
11-04-2024 09:34 240411-ljqt6sgf97 10
11-04-2024 09:34 240411-ljqjeagf96 10
11-04-2024 09:33 240411-ljpxwagf95 10
09-04-2024 02:59 240409-dgzqasce34 10
09-04-2024 02:58 240409-dgnb9sce28 10
09-04-2024 02:58 240409-df5vxsga5x 10
09-04-2024 02:56 240409-de62lacd79 10
29-02-2024 05:28 240229-f59xaafe58 10
General
-
Target
61b322051908949b1fe40f5ab5995cec4c2f1abb6628e5f798cab8a91f42d0e3.exe
-
Size
16.0MB
-
Sample
240229-f59xaafe58
-
MD5
b8e2ec7d64fe3156c5f684b3a2757301
-
SHA1
565db0f626a875be0ba5234963727e45c01f3ca9
-
SHA256
61b322051908949b1fe40f5ab5995cec4c2f1abb6628e5f798cab8a91f42d0e3
-
SHA512
02894d45ddeb98471ce09a99e3b4fe6e23b03e17c77ffba31d6a5e58b2a3b17eba3f8c8b81988b82aacca385ecc6dc752aa1ed62681909ff3d67acaf56a697d6
-
SSDEEP
393216:OccUL96juOB/a7LOupqeRbz9rmGuXrERtpyw7c+AiT:FZJkazpqeRbrdZyAc+Ai
Static task
static1
Behavioral task
behavioral1
Sample
61b322051908949b1fe40f5ab5995cec4c2f1abb6628e5f798cab8a91f42d0e3.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
61b322051908949b1fe40f5ab5995cec4c2f1abb6628e5f798cab8a91f42d0e3.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
61b322051908949b1fe40f5ab5995cec4c2f1abb6628e5f798cab8a91f42d0e3.exe
-
XMRig Miner payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-