General
Target
c63d113cd455a842ce7537d6f0f93830.exe
Size
1.8MB
Sample
240518-pzsv9acb2w
MD5
c63d113cd455a842ce7537d6f0f93830
SHA1
1a97aea7829336475ed65f038e48c977182c9c8c
SHA256
bd9c34a5a0c3915d83827c9023edc5a3374e65027942fdeb80d1da239c745863
SHA512
cb28fb242194b40b6de007c75bc0875af595aefcb7b41783a77d814409400157315a4c87e2bb86ca669a1df3424cc1433350cbad8f2cfee456954a8bd466edda
SSDEEP
49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SZaH:NABf
Behavioral task
behavioral1
Sample
c63d113cd455a842ce7537d6f0f93830.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
c63d113cd455a842ce7537d6f0f93830.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
c63d113cd455a842ce7537d6f0f93830.exe
Score
10/10
XMRig Miner payload
Blocklisted process makes network request
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Legitimate hosting services abused for malware hosting/C2