General
Target: AI WF GOOGLE.exe
Size: 17.9MB
Sample: 240302-s2q18aef41
MD5: 984f6bf56fae059f289bd860718bc294
SHA1: 160cc904fb52494211fdd10af0a76ee5bd78eb48
SHA256: 5dc5de381947ec24c3c3fcec600c354299ee50265c7ce66daf95a1f12d1d86f3
SHA512: 363a52b16b0513faf0c8d13df9cabbea03e3b73a23ed8e3203cbc33cf02205a4257824d71590ebb85af2bb5b3ba78b8df8e8fd4f75ce2b2c9b161439168265d1
SSDEEP: 393216:4Sxhi0OemBUiVroCClfgnK+wm9ef72IimHOQ:4SxYRC9+wD2qHOQ
Static task: static1
Behavioral task: behavioral1
  Sample: AI WF GOOGLE.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: AI WF GOOGLE.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: AI WF GOOGLE.exe
Score: 10/10
Signatures:
- XMRig Miner payload
- Creates new service(s)
- Stops running service(s)
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext