General

  • Target

    fa93ac502758ed11b7206021c53934ca8e24fdf32f4ed6a4afb4f83f72f36f1a.exe

  • Size

    2.7MB

  • Sample

    240522-xc4m8sce62

  • MD5

    7decf5024c3892253626c2d17d351dde

  • SHA1

    4bea74f2825082812d9349a5ef2326303dcbec19

  • SHA256

    fa93ac502758ed11b7206021c53934ca8e24fdf32f4ed6a4afb4f83f72f36f1a

  • SHA512

    e6fd5fd20839f8f497df01d99bc0320c626fce01b9e6f4e0d6235b995bb802bb613f0a81cfa33d1a57cdc385a098e7a0a2ed76563735530e4e7f2b02de5281f7

  • SSDEEP

    49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUJ8Y9c+Mw:N0GnJMOWPClFdx6e0EALKWVTffZiPAc0

Score
10/10

Malware Config

Targets

    • Target

      fa93ac502758ed11b7206021c53934ca8e24fdf32f4ed6a4afb4f83f72f36f1a.exe

    • Size

      2.7MB

    • MD5

      7decf5024c3892253626c2d17d351dde

    • SHA1

      4bea74f2825082812d9349a5ef2326303dcbec19

    • SHA256

      fa93ac502758ed11b7206021c53934ca8e24fdf32f4ed6a4afb4f83f72f36f1a

    • SHA512

      e6fd5fd20839f8f497df01d99bc0320c626fce01b9e6f4e0d6235b995bb802bb613f0a81cfa33d1a57cdc385a098e7a0a2ed76563735530e4e7f2b02de5281f7

    • SSDEEP

      49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUJ8Y9c+Mw:N0GnJMOWPClFdx6e0EALKWVTffZiPAc0

    Score
    10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks