General

  • Target

    2b32f503ed5469803b8c4fd1dceea9b9decaf1f1127a17971f9c88b5cd140492

  • Size

    2.8MB

  • Sample

    240803-ywjmvaydkf

  • MD5

    892ed18e98195aca5c5c0cde617411c0

  • SHA1

    ec3d23e73e063a85503f80f945f23be5354cb4fc

  • SHA256

    2b32f503ed5469803b8c4fd1dceea9b9decaf1f1127a17971f9c88b5cd140492

  • SHA512

    4e1628013cdbb01b55b7b18172ec72d6a87ecaa130e3186dad1815ba62830d2b28aa672a8df99b7caa03bf79493372b95c019d5c7eeb3263f84248f7c87b70cb

  • SSDEEP

    49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcq4nPeyNYtC6:w0GnJMOWPClFdx6e0EALKWVTffZiPAcM

Targets

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials, first seen in late 2022.

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Drops file in System32 directory