Overview

overview

10

Static

static

10

2edc64350d...AS.exe

windows7-x64

10

2edc64350d...AS.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2edc64350d384762b778638421d512e0_NEAS

  • Size

    1.9MB

  • Sample

    240506-2982fafh21

  • MD5

    2edc64350d384762b778638421d512e0

  • SHA1

    f8e5ca3ab0b5e4ea14ca113aaab6a8506357bc7b

  • SHA256

    aae66eb6a7724e389ddba54b1a0af98f3e8bc737afd6a31262dcd05145b3b508

  • SHA512

    0b87868aa6f2ef9c1655795a9eeddd99066337188177f139619e5d4eba012a7ed252186ef7a01d53003de42d97daaa9102cd2d85cb45d3af4fac2cd944960aba

  • SSDEEP

    49152:T1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrSax91MkibTIDOd5:T1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rx

Score
10/10
xmrigexecutionminer

Malware Config

Targets

    • Target

      2edc64350d384762b778638421d512e0_NEAS

    • Size

      1.9MB

    • MD5

      2edc64350d384762b778638421d512e0

    • SHA1

      f8e5ca3ab0b5e4ea14ca113aaab6a8506357bc7b

    • SHA256

      aae66eb6a7724e389ddba54b1a0af98f3e8bc737afd6a31262dcd05145b3b508

    • SHA512

      0b87868aa6f2ef9c1655795a9eeddd99066337188177f139619e5d4eba012a7ed252186ef7a01d53003de42d97daaa9102cd2d85cb45d3af4fac2cd944960aba

    • SSDEEP

      49152:T1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrSax91MkibTIDOd5:T1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rx

    Score
    10/10
    xmrigexecutionminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks