Overview

overview

10

Static

static

1

1.bat

windows10-1703-x64

10

10.bat

windows10-1703-x64

10

11.bat

windows10-1703-x64

10

12.bat

windows10-1703-x64

10

13.bat

windows10-1703-x64

10

14.bat

windows10-1703-x64

10

15.bat

windows10-1703-x64

10

2.bat

windows10-1703-x64

10

3.bat

windows10-1703-x64

10

4.bat

windows10-1703-x64

10

5.bat

windows10-1703-x64

10

6.bat

windows10-1703-x64

10

7.bat

windows10-1703-x64

10

8.bat

windows10-1703-x64

10

9.bat

windows10-1703-x64

10

Resubmissions

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sk.zip

  • Size

    8KB

  • Sample

    240319-sswkcafh8w

  • MD5

    3088c10015b067d255109e1dcb9d331d

  • SHA1

    e10011340db6ffe3b8540f036483cc6668119947

  • SHA256

    9515f209eff42f76b09d3f37f57c6524a0d6050d02e7719ef4c1d3b6d49f43a3

  • SHA512

    a8529e76e82bd6e9e7752a44f3b41e4338d294e3e90d8fa6711977631c083d89022151874ae96acdaf875f9d7631e4d853de4e31c7440790af8acdc8d785734a

  • SSDEEP

    96:8P2FP2iP23P2sP2BP2OP2xP2+P2nP2cP21P2SP2rP2QP2GEzep75h:28Vmf4ROHAZqDsF405h

Score
10/10
xmrigminer

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://github.com/xmrig/xmrig/releases/download/v6.21.0/xmrig-6.21.0-gcc-win64.zip

Targets

    • Target

      1.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral1

    • Target

      10.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral2

    • Target

      11.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral3

    • Target

      12.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral4

    • Target

      13.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral5

    • Target

      14.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral6

    • Target

      15.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral7

    • Target

      2.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral8

    • Target

      3.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral9

    • Target

      4.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral10

    • Target

      5.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral11

    • Target

      6.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral12

    • Target

      7.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral13

    • Target

      8.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral14

    • Target

      9.bat

    • Size

      608B

    • MD5

      727c8da0478af118c957ae60f7161cab

    • SHA1

      cf18105b8659e93bbd2824fa35ef1bae7b395301

    • SHA256

      97db0437ecb6f401a4674dceead7b17a885241f2ab2495652863d2240f3bedab

    • SHA512

      d9cbb46d5f3caa92d3b44301bc96ccfd5552f2ab3e5460362db3b59d23e0a5c34bf78e9387009092ac5c92b4423c03789aa1fc824a4e1388a1363daa6ab54e01

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral15

MITRE ATT&CK Matrix

Tasks