Overview

overview

10

Static

static

10

02e477d1c0...18.exe

windows7-x64

10

02e477d1c0...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02e477d1c03fb3399e966ee49080b1ec_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240427-k1mneafc34

  • MD5

    02e477d1c03fb3399e966ee49080b1ec

  • SHA1

    a9f1de32d3de62b81e9f55a0599d39e885a74991

  • SHA256

    25bdd5756b9e31a37fa606897d74dabc0b7a08f637f882cd98f0fec7cfce05a0

  • SHA512

    523eff668e90f12d2dd29acf7e73dd8633aa1f568d77bf5a506272a28f5d228757444a0ec37f08709ea7d61db87aff9df046c071e486c3c83966aaf48d6e07c7

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5KIP7nTrmBhihM5xC+U1B:NABs

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      02e477d1c03fb3399e966ee49080b1ec_JaffaCakes118

    • Size

      1.9MB

    • MD5

      02e477d1c03fb3399e966ee49080b1ec

    • SHA1

      a9f1de32d3de62b81e9f55a0599d39e885a74991

    • SHA256

      25bdd5756b9e31a37fa606897d74dabc0b7a08f637f882cd98f0fec7cfce05a0

    • SHA512

      523eff668e90f12d2dd29acf7e73dd8633aa1f568d77bf5a506272a28f5d228757444a0ec37f08709ea7d61db87aff9df046c071e486c3c83966aaf48d6e07c7

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5KIP7nTrmBhihM5xC+U1B:NABs

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks