Overview

overview

10

Static

static

10

03af2bdb6f...18.exe

windows7-x64

10

03af2bdb6f...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03af2bdb6f1fe7e004f9d39efe7386bb_JaffaCakes118

  • Size

    2.2MB

  • Sample

    240427-1g4qkshd6w

  • MD5

    03af2bdb6f1fe7e004f9d39efe7386bb

  • SHA1

    2fab8949831febb3a6a05a8de00354ce663238c3

  • SHA256

    f4281336c75c9d06c40cf3d722709d7e806d635729b5f93bb63258796b684342

  • SHA512

    ae829fbc6ec8cd9657992fb10aeb24bc6f13b4fc6f427230d658e3faa6f43897ea37dbbadf52309e581a2b30d922d1f13d7da68a5aade626e24f3819a1aa0584

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1VQx7Va4qrfT:NABE

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      03af2bdb6f1fe7e004f9d39efe7386bb_JaffaCakes118

    • Size

      2.2MB

    • MD5

      03af2bdb6f1fe7e004f9d39efe7386bb

    • SHA1

      2fab8949831febb3a6a05a8de00354ce663238c3

    • SHA256

      f4281336c75c9d06c40cf3d722709d7e806d635729b5f93bb63258796b684342

    • SHA512

      ae829fbc6ec8cd9657992fb10aeb24bc6f13b4fc6f427230d658e3faa6f43897ea37dbbadf52309e581a2b30d922d1f13d7da68a5aade626e24f3819a1aa0584

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1VQx7Va4qrfT:NABE

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks