Overview

overview

10

Static

static

1

file01 - c...2).ps1

windows10-1703-x64

10

file01 - c...2).ps1

windows10-1703-x64

10

file01 - c...2).ps1

windows10-2004-x64

10

file01 - c...2).ps1

windows11-21h2-x64

10

file01 - c...3).ps1

windows10-2004-x64

10

file01 - c...3).ps1

windows10-1703-x64

10

file01 - c...3).ps1

windows10-2004-x64

10

file01 - c...3).ps1

windows11-21h2-x64

10

file01 - c...4).ps1

windows10-2004-x64

10

file01 - c...4).ps1

windows10-1703-x64

10

file01 - c...4).ps1

windows10-2004-x64

10

file01 - c...4).ps1

windows11-21h2-x64

10

file01 - c...5).ps1

windows11-21h2-x64

10

file01 - c...5).ps1

windows10-1703-x64

10

file01 - c...5).ps1

windows10-2004-x64

10

file01 - c...5).ps1

windows11-21h2-x64

10

file01 - c...6).ps1

windows10-2004-x64

10

file01 - c...6).ps1

windows10-1703-x64

10

file01 - c...6).ps1

windows10-2004-x64

10

file01 - c...6).ps1

windows11-21h2-x64

10

file01 - c...7).ps1

windows10-2004-x64

10

file01 - c...7).ps1

windows10-1703-x64

10

file01 - c...7).ps1

windows10-2004-x64

10

file01 - c...7).ps1

windows11-21h2-x64

10

file01 - c...8).ps1

windows10-2004-x64

10

file01 - c...8).ps1

windows10-1703-x64

10

file01 - c...8).ps1

windows10-2004-x64

10

file01 - c...8).ps1

windows11-21h2-x64

10

file01 - c...9).ps1

windows7-x64

3

file01 - c...9).ps1

windows10-1703-x64

10

file01 - c...9).ps1

windows10-2004-x64

10

file01 - c...9).ps1

windows11-21h2-x64

10

Resubmissions

27-05-2024 18:28

240527-w4c4xsdc7w 10

27-05-2024 18:28

240527-w4c4xsdc7v 10

27-05-2024 18:28

240527-w4cs6aed49 10

27-05-2024 18:28

240527-w4cs6aed48 10

27-05-2024 18:28

240527-w4cs6aed47 10

27-05-2024 18:28

240527-w4c4xsed52

Sharing

Copy URL
Twitter E-mail

General

  • Target

    main2.rar

  • Size

    3KB

  • Sample

    240522-ywkvxaef7x

  • MD5

    ddbaf9ba5c17e79e55f47f4bb5fda284

  • SHA1

    9473230662f04b84a559aca32640ae3c25ad214b

  • SHA256

    08f3805606e1d457ed9e80b975bee0320651e3d5626e9e7cb896fd45e8fd0f7b

  • SHA512

    1f472663f949b3febe09b9a946c6a5c1d4f6ebb079658b5c534dbcd489bd2d28fc42b60562c21c0b307215538e409503ebfec42b93c60e0d8b5fc17aa247231d

Score
10/10
xmrigexecutionminer

Malware Config

Targets

    • Target

      file01 - copia (2).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral1behavioral2behavioral3behavioral4

    • Target

      file01 - copia (3).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral5behavioral6behavioral7behavioral8

    • Target

      file01 - copia (4).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral10behavioral11behavioral12behavioral9

    • Target

      file01 - copia (5).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral13behavioral14behavioral15behavioral16

    • Target

      file01 - copia (6).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral17behavioral18behavioral19behavioral20

    • Target

      file01 - copia (7).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral21behavioral22behavioral23behavioral24

    • Target

      file01 - copia (8).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral25behavioral26behavioral27behavioral28

    • Target

      file01 - copia (9).ps1

    • Size

      510B

    • MD5

      2dcb4d51653aec1a829f3232d69f5e12

    • SHA1

      dd096e7d800b9f3ca0edc64955b4464d71789f80

    • SHA256

      d1902d3e519d0d87097fd8969280bd01bd139a5191faadaed0149e61b4a7495c

    • SHA512

      7def3731bbb3f7ac3895edcf14c645bbcc0608f09c6b03bf7ddaebf049f1f6f1aad4086548ab9fce7b2bbefd837de8377f8b81cf94022d84e35f1bba0af89143

    Score
    10/10
    executionxmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral29behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

8
T1059

PowerShell

8
T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

xmrigexecutionminer
Score
10/10

behavioral2

xmrigexecutionminer
Score
10/10

behavioral3

xmrigexecutionminer
Score
10/10

behavioral4

xmrigexecutionminer
Score
10/10

behavioral5

xmrigexecutionminer
Score
10/10

behavioral6

xmrigexecutionminer
Score
10/10

behavioral7

xmrigexecutionminer
Score
10/10

behavioral8

xmrigexecutionminer
Score
10/10

behavioral9

xmrigexecutionminer
Score
10/10

behavioral10

xmrigexecutionminer
Score
10/10

behavioral11

xmrigexecutionminer
Score
10/10

behavioral12

xmrigexecutionminer
Score
10/10

behavioral13

xmrigexecutionminer
Score
10/10

behavioral14

xmrigexecutionminer
Score
10/10

behavioral15

xmrigexecutionminer
Score
10/10

behavioral16

xmrigexecutionminer
Score
10/10

behavioral17

xmrigexecutionminer
Score
10/10

behavioral18

xmrigexecutionminer
Score
10/10

behavioral19

xmrigexecutionminer
Score
10/10

behavioral20

xmrigexecutionminer
Score
10/10

behavioral21

xmrigexecutionminer
Score
10/10

behavioral22

xmrigexecutionminer
Score
10/10

behavioral23

xmrigexecutionminer
Score
10/10

behavioral24

xmrigexecutionminer
Score
10/10

behavioral25

xmrigexecutionminer
Score
10/10

behavioral26

xmrigexecutionminer
Score
10/10

behavioral27

xmrigexecutionminer
Score
10/10

behavioral28

xmrigexecutionminer
Score
10/10

behavioral29

execution
Score
3/10

behavioral30

xmrigexecutionminer
Score
10/10

behavioral31

xmrigexecutionminer
Score
10/10

behavioral32

xmrigexecutionminer
Score
10/10