Overview

overview

10

Static

static

10

5898b1ea1a...c0.exe

windows7-x64

10

5898b1ea1a...c0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5898b1ea1af1283f09b097c4eebe8fc0.bin

  • Size

    1.7MB

  • Sample

    240620-dhcxxsvfke

  • MD5

    5898b1ea1af1283f09b097c4eebe8fc0

  • SHA1

    2c3b8c84cfda2a6549acb110dcb6a06ea261b7bc

  • SHA256

    625085d60f6b987f9162ec0309ac242a3bb6c38a678c9bec61815d7655695aca

  • SHA512

    919a13c181a90bad50812097984ee35cddfc8ad6ce76e140a231a639b73e729adf2a43b2436c8dff0dc34478246ed561a762c602608a993c8f3bb7d26a721443

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTqaQV/cets/p1GgOCWg:Lz071uv4BPMkFfdk2auTqao/c/pSCWg

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      5898b1ea1af1283f09b097c4eebe8fc0.bin

    • Size

      1.7MB

    • MD5

      5898b1ea1af1283f09b097c4eebe8fc0

    • SHA1

      2c3b8c84cfda2a6549acb110dcb6a06ea261b7bc

    • SHA256

      625085d60f6b987f9162ec0309ac242a3bb6c38a678c9bec61815d7655695aca

    • SHA512

      919a13c181a90bad50812097984ee35cddfc8ad6ce76e140a231a639b73e729adf2a43b2436c8dff0dc34478246ed561a762c602608a993c8f3bb7d26a721443

    • SSDEEP

      24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTqaQV/cets/p1GgOCWg:Lz071uv4BPMkFfdk2auTqao/c/pSCWg

    Score
    10/10
    xmrigexecutionminerupx

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks