Resubmissions

30-04-2024 07:55

240430-jshh2sgb91 10

29-04-2024 04:34

240429-e7e91sad56 10

General

  • Target

    7fd525394f449871ea7be96a66ddc1ff6cb498aaaee85549cae392a782670780

  • Size

    4.2MB

  • Sample

    240430-jshh2sgb91

  • MD5

    b7250436469d05b646b54b00ccb74d7e

  • SHA1

    7ad840124e69004c862d0cf3f722b00cbfbbb9d3

  • SHA256

    7fd525394f449871ea7be96a66ddc1ff6cb498aaaee85549cae392a782670780

  • SHA512

    599e2a873b14b461c628ef3fb3f9771e11d866ff16012e82fbd614267e4eab268abd0671ad6bca6bcc8a5808e94b5aa1dcbb7ba75c51e78a645f040d60732ba4

  • SSDEEP

    98304:tt5Uqm7J/F8CAXFSubtgfzlM87bnHzNLhs5rugOyMhKGiDy7:ttw7JrAVRclM87bnTNTgOywUy7
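To confirm that a file on disk is the sample this report describes, the hash set above has to be recomputed and compared. The following is an added example (not part of the report or of the sandbox's own tooling): it reads a file once while feeding all four digests, and classifies the result as a strong match (SHA256/SHA512 agree), a weak match (only MD5/SHA1 agree, which is not sufficient on its own) or no match. The IOC values are copied from the report; the file path is the caller's.

```python
import hashlib
from typing import Dict, Iterable

# Indicators copied from the report above for the sample 7fd5...0780.
REPORT_IOCS: Dict[str, str] = {
    "md5": "b7250436469d05b646b54b00ccb74d7e",
    "sha1": "7ad840124e69004c862d0cf3f722b00cbfbbb9d3",
    "sha256": "7fd525394f449871ea7be96a66ddc1ff6cb498aaaee85549cae392a782670780",
    "sha512": "599e2a873b14b461c628ef3fb3f9771e11d866ff16012e82fbd614267e4eab26"
              "8abd0671ad6bca6bcc8a5808e94b5aa1dcbb7ba75c51e78a645f040d60732ba4",
}

# Only these are still collision-resistant; an MD5/SHA1-only agreement is a weak match.
STRONG = ("sha256", "sha512")


def digest_chunks(chunks: Iterable[bytes], algorithms=tuple(REPORT_IOCS)) -> Dict[str, str]:
    """Feed every chunk to all hashers so a large sample is read from disk once."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file in 1 MiB chunks; the report's 4.2 MB sample never sits in memory whole."""
    with open(path, "rb") as fh:
        return digest_chunks(iter(lambda: fh.read(chunk_size), b""))


def match_iocs(digests: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> str:
    """Return 'strong', 'weak' or 'none'. Comparison is case-insensitive because
    reports and tools disagree on hex case."""
    hits = {
        algo for algo, value in digests.items()
        if algo in iocs and iocs[algo].strip().lower() == value.strip().lower()
    }
    if any(algo in STRONG for algo in hits):
        return "strong"
    if hits:
        return "weak"
    return "none"


if __name__ == "__main__":
    import sys
    verdict = match_iocs(digest_file(sys.argv[1]))  # usage: python iocmatch.py <file>
    print(f"{sys.argv[1]}: {verdict} match against report IOCs")
```

Treat a "weak" verdict as a prompt to fetch the sample's SHA256 from another source rather than as confirmation; an MD5 or SHA1 collision is cheap enough that a deliberately colliding decoy is a realistic concern for a file attackers distribute.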

Malware Config

Targets

    • Target

      7fd525394f449871ea7be96a66ddc1ff6cb498aaaee85549cae392a782670780

    • LoaderBot

      LoaderBot is a loader written in .NET that downloads and executes cryptocurrency miners.

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • LoaderBot executable

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution by region.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
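The persistence behaviours above (a dropped startup file and a Run key) are the artifacts a responder checks for on other hosts. The following is an added example, not part of the report or of any sandbox tooling: it parses a `reg export` text of the HKCU and HKLM `Run` keys and flags entries whose image lives in a user-writable directory or masquerades as a Windows binary outside `%SystemRoot%`. The `.reg` content is constructed for the example; it does not come from the analysed sample, and the flagged names and paths are illustrative. Only `REG_SZ` values are handled; `REG_EXPAND_SZ` entries are exported as `hex(2):` and are skipped here.

```python
import re
from typing import Dict, List, Tuple

# Constructed .reg export (not from the report) covering the two Run keys.
SAMPLE_REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="\"C:\\Program Files\\Windows Defender\\MSASCuiL.exe\""
"Updater"="C:\\Users\\bob\\AppData\\Roaming\\Updater\\svchost.exe -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMware User Process"="\"C:\\Program Files\\VMware\\VMware Tools\\vmtoolsd.exe\" -n vmusr"
"sysmon"="C:\\ProgramData\\xmrig\\xmrig.exe --config=C:\\ProgramData\\xmrig\\config.json"
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
# "name"="data" with .reg escaping (\\ and \") inside both parts.
VALUE_RE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"="(?P<data>(?:[^"\\]|\\.)*)"$')
RUN_KEY_RE = re.compile(r'\\CurrentVersion\\Run(?:Once)?$', re.I)
# Directories any user can write to; persistence launching from here is the common loader pattern.
USER_WRITABLE_RE = re.compile(r'\\(?:AppData|Temp|Users\\Public|ProgramData|Downloads)\\', re.I)
# System binary names that have no business running from outside %SystemRoot%.
MASQUERADE = {"svchost.exe", "csrss.exe", "lsass.exe", "explorer.exe", "winlogon.exe"}


def unescape(value: str) -> str:
    """Undo .reg escaping: \\ -> \ and \" -> " in a single left-to-right pass."""
    return re.sub(r'\\(.)', r'\1', value)


def parse_run_entries(text: str) -> List[Tuple[str, str, str]]:
    """Return (key, value name, command line) for every REG_SZ value under a Run/RunOnce key."""
    entries, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key")
            continue
        m = VALUE_RE.match(line)
        if m and key and RUN_KEY_RE.search(key):
            entries.append((key, unescape(m.group("name")), unescape(m.group("data"))))
    return entries


def command_image(command: str) -> str:
    """Extract the executable from a Run value: quoted path, or up to the first script/binary suffix."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r'(.+?\.(?:exe|dll|bat|cmd|vbs|js|ps1|scr))(?:\s|$)', command, re.I)
    return m.group(1) if m else command.split()[0]


def triage_run_entries(text: str) -> List[Dict[str, object]]:
    """Flag Run entries by image location and by masquerading names; benign entries are dropped."""
    findings = []
    for key, name, command in parse_run_entries(text):
        image = command_image(command)
        reasons = []
        if USER_WRITABLE_RE.search(image):
            reasons.append("image under user-writable path")
        base = image.rsplit("\\", 1)[-1].lower()
        if base in MASQUERADE and not re.search(r'\\windows\\', image, re.I):
            reasons.append(f"{base} outside %SystemRoot%")
        if reasons:
            findings.append({"key": key, "name": name, "image": image, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage_run_entries(SAMPLE_REG_EXPORT):
        print(f"{f['key']}\\{f['name']}: {f['image']} ({'; '.join(f['reasons'])})")
```

Vendor software that legitimately updates itself from `%LOCALAPPDATA%` will trip the user-writable rule, so in practice the output is joined against an allowlist of known-good image hashes rather than acted on by name; the masquerade rule has a far lower false-positive rate and is the one worth alerting on directly.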

MITRE ATT&CK Enterprise v15

Tasks