Resubmissions

  • 17/04/2024, 11:57  240417-n4jygadh88  score 10
  • 17/04/2024, 11:56  240417-n4jbyafe3y  score 10
  • 17/04/2024, 11:56  240417-n4bbbsdh82  score 10
  • 17/04/2024, 11:56  240417-n4ad2afe3v  score 10
  • 17/04/2024, 11:56  240417-n3939sdh77  score 10
  • 17/04/2024, 06:22  240417-g47k7sfg47  score 10

General

  • Target: a3d0d874700f493debbcd3515ba28645deb565004121c6f5643502863c122355
  • Size: 16.0MB
  • Sample: 240417-n4jbyafe3y
  • MD5: a9d06dafb91f15c755391bd9d8360f40
  • SHA1: a261feb9c781965e5598f9a1ea5fbbc140fc270b
  • SHA256: a3d0d874700f493debbcd3515ba28645deb565004121c6f5643502863c122355
  • SHA512: 7b6252b2779aaaecc1f0f10ecd7725e1c35c257bdf62edc689546559649d94c97b319ccf62f23a068fb07a51a9d96688093385de610c4c98495d64f2c6845da4
  • SSDEEP: 393216:CYkuJyJxES3GqYpKjJxDJ9l4aVjod/ImJcplaF5LASRYTWKGw:9s33YcjXDCEjodSl053Y0w

Score: 10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks