Overview

overview

10

Static

static

10

0ce349972f...18.exe

windows7-x64

10

0ce349972f...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ce349972f46b3cccbdbb8ddc24b6532_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240501-3q83rscg35

  • MD5

    0ce349972f46b3cccbdbb8ddc24b6532

  • SHA1

    514a708a394b79a3ab5fb52258ffdb71574af502

  • SHA256

    c48505b2b0d4f13b696b7dace90ba2c862d2472c482c261e217581766f7a03ec

  • SHA512

    8f838112eebcf9ce7b67725e4101c3fe8002cc669699ab3724e264a87160f9b9a359fc9b6d563edc4ea60fffb23d4e8e72fbe21e7a0673173a687fa8109035b7

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5KIP7nTrmBhihM5xC+U/:NABA

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      0ce349972f46b3cccbdbb8ddc24b6532_JaffaCakes118

    • Size

      1.9MB

    • MD5

      0ce349972f46b3cccbdbb8ddc24b6532

    • SHA1

      514a708a394b79a3ab5fb52258ffdb71574af502

    • SHA256

      c48505b2b0d4f13b696b7dace90ba2c862d2472c482c261e217581766f7a03ec

    • SHA512

      8f838112eebcf9ce7b67725e4101c3fe8002cc669699ab3724e264a87160f9b9a359fc9b6d563edc4ea60fffb23d4e8e72fbe21e7a0673173a687fa8109035b7

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5KIP7nTrmBhihM5xC+U/:NABA

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks