Overview

overview

10

Static

static

10

0a610268cf...18.exe

windows7-x64

10

0a610268cf...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0a610268cfa876033ac0368373cb9f6c_JaffaCakes118

  • Size

    2.3MB

  • Sample

    240430-xjbwssfd32

  • MD5

    0a610268cfa876033ac0368373cb9f6c

  • SHA1

    5df4c81296b9d84075963d2b7781c83fef151ef5

  • SHA256

    9847205726e692d21c63b551fbd4e7a75f582b2c090e09f98363e766cbe3cdcc

  • SHA512

    f67cb25c9207828e6ad91338e831dbcc102d882339620861caef2f77499a4bfb80c87211d8e5469682d7822678aad6c0f3ea7c5681a2d3ebfc46197a41e1ad0c

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pCkc30JqMopiqkgo:NABX

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      0a610268cfa876033ac0368373cb9f6c_JaffaCakes118

    • Size

      2.3MB

    • MD5

      0a610268cfa876033ac0368373cb9f6c

    • SHA1

      5df4c81296b9d84075963d2b7781c83fef151ef5

    • SHA256

      9847205726e692d21c63b551fbd4e7a75f582b2c090e09f98363e766cbe3cdcc

    • SHA512

      f67cb25c9207828e6ad91338e831dbcc102d882339620861caef2f77499a4bfb80c87211d8e5469682d7822678aad6c0f3ea7c5681a2d3ebfc46197a41e1ad0c

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pCkc30JqMopiqkgo:NABX

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks