Overview

overview

10

Static

static

10

05e3a4b0cb...18.exe

windows7-x64

10

05e3a4b0cb...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    05e3a4b0cbfa718a68bb9c8c4fb40be9_JaffaCakes118

  • Size

    1.7MB

  • Sample

    240428-xyjvysfb7y

  • MD5

    05e3a4b0cbfa718a68bb9c8c4fb40be9

  • SHA1

    9527a8121a7da17fe77fc7c50faeb8381f031f56

  • SHA256

    09c0ff4bbb6e837530a2114dfeb26509e3e929380d9342cbb3d907d72bb30d77

  • SHA512

    2617ede05eff4b122982a639211aeaac5fcbc002bf053b3ff05e9461ef61892f8fbc400257eedc15d068c0fc673d0abde8a7ce5e6f4bf2069b76e254462ec6f4

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SGkMKi:NABR

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      05e3a4b0cbfa718a68bb9c8c4fb40be9_JaffaCakes118

    • Size

      1.7MB

    • MD5

      05e3a4b0cbfa718a68bb9c8c4fb40be9

    • SHA1

      9527a8121a7da17fe77fc7c50faeb8381f031f56

    • SHA256

      09c0ff4bbb6e837530a2114dfeb26509e3e929380d9342cbb3d907d72bb30d77

    • SHA512

      2617ede05eff4b122982a639211aeaac5fcbc002bf053b3ff05e9461ef61892f8fbc400257eedc15d068c0fc673d0abde8a7ce5e6f4bf2069b76e254462ec6f4

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SGkMKi:NABR

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks