Overview

overview

10

Static

static

10

43618870a1...e0.exe

windows7-x64

10

43618870a1...e0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    43618870a1aa957314f6b95fb2234ce0.exe

  • Size

    1.8MB

  • Sample

    240706-fdj7jswbqj

  • MD5

    43618870a1aa957314f6b95fb2234ce0

  • SHA1

    a8e6487b866e3bf58e64486b43f7f39c850421b0

  • SHA256

    a67b94e2292549066cfba134c88ede17ff1a680872b02445ffe055ffbd0b8e98

  • SHA512

    254a75c89090592d003d89c8917c85209beeef5d2e0d89b2e4eb272a6f481be8b134e4d308ef10107c15ed2f9195d8aa884740d315b022719b1a3ca3ec58dab2

  • SSDEEP

    49152:Lz071uv4BPMki8CnfLv3zQXtTEjy3DQnEa:NABi

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      43618870a1aa957314f6b95fb2234ce0.exe

    • Size

      1.8MB

    • MD5

      43618870a1aa957314f6b95fb2234ce0

    • SHA1

      a8e6487b866e3bf58e64486b43f7f39c850421b0

    • SHA256

      a67b94e2292549066cfba134c88ede17ff1a680872b02445ffe055ffbd0b8e98

    • SHA512

      254a75c89090592d003d89c8917c85209beeef5d2e0d89b2e4eb272a6f481be8b134e4d308ef10107c15ed2f9195d8aa884740d315b022719b1a3ca3ec58dab2

    • SSDEEP

      49152:Lz071uv4BPMki8CnfLv3zQXtTEjy3DQnEa:NABi

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks