General

  • Target

    b627d1c7be7ca78636e3cac560f87225

  • Size

    2.1MB

  • Sample

    240306-bqlhxsgb58

  • MD5

    b627d1c7be7ca78636e3cac560f87225

  • SHA1

    a79dab41d3392286dc0d037b753b133e721b4987

  • SHA256

    107f011effe470d819851aaa4f62e5d3df79fd8749171583c49e8b9866920cf9

  • SHA512

    9c8f6111ac8fbca04b79ff61e09efad67262d7cc318ef637d90cba1b28555b1b17ee9e78ec44e6c8b4ec0aa3635fed8a15dfdce2e416e4621c01b4631a50cabf

  • SSDEEP

    49152:WJzv+6Zu5b2aPVzukFmpWozTvgtuF2SAywV0:Uit5bG8vw2SAB0

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15