General

  • Target

    jhi_service.exe

  • Size

    2.5MB

  • Sample

    240530-qh8qtahg9z

  • MD5

    1994ad04639f3d12c7bbfa37feb3434f

  • SHA1

    4979247e5a9771286a91827851527e5dbfb80c8e

  • SHA256

    c75f76cf5b34b4a165ad5705ae5229f67fc081d958239bf0faea58e6c342301c

  • SHA512

    adc4eb990fc6721a0a39cf9832f133bde025a31b3ecd4d84e076d8c454b40dd043f1f045f6f989febf2478999a190d116a58192c49d8b878414490e7ce451b43

  • SSDEEP

    49152:JeyI4v7SO1chT1kPoGyH22x8wfc3QC/FGQAC8TnWhVpihDHdggjrKCnQPzkwG:JtjehT1kA4wXGMRyk7Kg/nnY

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Creates new service(s)

    • Stops running service(s)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of UPX.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks