Overview

overview

10

Static

static

10

virussign....20.exe

windows7-x64

10

virussign....20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    virussign.com_b9dd04882ae373c38c59555b2596c320.vir

  • Size

    1.9MB

  • Sample

    240528-ymdp8sba74

  • MD5

    b9dd04882ae373c38c59555b2596c320

  • SHA1

    20364ec6cee925fc912924f1424f624e5a021fe5

  • SHA256

    f8ec995ea8501196a07a2e33c605183dc22d401543e6c0a21a26168f1684abd0

  • SHA512

    3dd729f94b139867eea8bb6d83c14361eaaf35e9ecabb1393add699b12560bcf1dbd49f49521ce2a5f0c4749377769b03c7a4147e401e7ecde045460eb2b0e64

  • SSDEEP

    49152:ROdWCCi7/raU56uL3pgrCEd2KUgK/WWXjfXBEr:RWWBib356utgz

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      virussign.com_b9dd04882ae373c38c59555b2596c320.vir

    • Size

      1.9MB

    • MD5

      b9dd04882ae373c38c59555b2596c320

    • SHA1

      20364ec6cee925fc912924f1424f624e5a021fe5

    • SHA256

      f8ec995ea8501196a07a2e33c605183dc22d401543e6c0a21a26168f1684abd0

    • SHA512

      3dd729f94b139867eea8bb6d83c14361eaaf35e9ecabb1393add699b12560bcf1dbd49f49521ce2a5f0c4749377769b03c7a4147e401e7ecde045460eb2b0e64

    • SSDEEP

      49152:ROdWCCi7/raU56uL3pgrCEd2KUgK/WWXjfXBEr:RWWBib356utgz

    Score
    10/10
    xmrigminerupx

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks