General

  • Target

    3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e.exe

  • Size

    2.5MB

  • Sample

    240619-bmfs9s1cja

  • MD5

    fbfbe4ee13baecac3e7d16bec24cf079

  • SHA1

    360caf2bb458bee7e65c316099a868b929839d25

  • SHA256

    3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e

  • SHA512

    8f5d849e739430cdc560f9dbda5f2f72a07ed0493054298b0d195cf50c972e9a24effdb71cadeea6ced14663fc1268f4a0f45234f37aac334638ffcd8057b28a

  • SSDEEP

    49152:0GXNqt3/rQCbVuI1SjuNVASD++6ozKQ/hD5xkmIW3vFqbrBeL9SSKl:0Gm3/rQCbVuIioc9ihD5KmjteALgl

Malware Config

Targets

    • Target

      3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e.exe

    • Size

      2.5MB

    • MD5

      fbfbe4ee13baecac3e7d16bec24cf079

    • SHA1

      360caf2bb458bee7e65c316099a868b929839d25

    • SHA256

      3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e

    • SHA512

      8f5d849e739430cdc560f9dbda5f2f72a07ed0493054298b0d195cf50c972e9a24effdb71cadeea6ced14663fc1268f4a0f45234f37aac334638ffcd8057b28a

    • SSDEEP

      49152:0GXNqt3/rQCbVuI1SjuNVASD++6ozKQ/hD5xkmIW3vFqbrBeL9SSKl:0Gm3/rQCbVuIioc9ihD5KmjteALgl

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Creates new service(s)

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks