c005850a2ea4419ab7505939378ac2a08e5d59ce8d01503a48aedf9fa44cb99e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c005850a2ea4419ab7505939378ac2a08e5d59ce8d01503a48aedf9fa44cb99e
Size

1KB
Sample

240723-mbx4ys1fll
MD5

259242f33eb3ca69afd36dfd49841931
SHA1

374775a440f6353e3c3ce0b94453f5601da9a7f4
SHA256

c005850a2ea4419ab7505939378ac2a08e5d59ce8d01503a48aedf9fa44cb99e
SHA512

4f91390605eb220a97a68dbd6158c7c2fbdba211eca00d267eb32a6bca6ecb19b6de0a6dd997f84a381ab548d5da3a111329fd21bb509f5e30e7325b0bb9fb3e

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-msvc-win64.zip

Targets

- Target
  
  c005850a2ea4419ab7505939378ac2a08e5d59ce8d01503a48aedf9fa44cb99e
- Size
  
  1KB
- MD5
  
  259242f33eb3ca69afd36dfd49841931
- SHA1
  
  374775a440f6353e3c3ce0b94453f5601da9a7f4
- SHA256
  
  c005850a2ea4419ab7505939378ac2a08e5d59ce8d01503a48aedf9fa44cb99e
- SHA512
  
  4f91390605eb220a97a68dbd6158c7c2fbdba211eca00d267eb32a6bca6ecb19b6de0a6dd997f84a381ab548d5da3a111329fd21bb509f5e30e7325b0bb9fb3e
Score

8^/10

execution
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2