General

  • Target

    43818f356317a3fdaf9c4740c25fe070N.exe

  • Size

    1.6MB

  • Sample

    240726-xlsmbs1fje

  • MD5

    43818f356317a3fdaf9c4740c25fe070

  • SHA1

    9297178a00b4475dbbd153e0980852487a36d68e

  • SHA256

    be8f36c37ce2d5dd3500d9fc79367fa4cbdc259cb816de78d010359db525d2d2

  • SHA512

    70dfbe26c21603dd48a513eb03dd7678a5e0713544b69e0fa483df8a78620c27e3cf8c7f05daf2fa3544d5b9321807836ae28097dceee4478cf3a8b0655dc501

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTnHzlyPGkd+TKqxxLV:Lz071uv4BPMkFfdk2auTlGGxZ

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks
