Overview

overview

10

Static

static

10

fe1f9ce6c7...0N.exe

windows7-x64

10

fe1f9ce6c7...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe1f9ce6c70a5970969b6a3874d7ff70N.exe

  • Size

    1.4MB

  • Sample

    240820-rpks1awgme

  • MD5

    fe1f9ce6c70a5970969b6a3874d7ff70

  • SHA1

    d41dd46e43d6094bcf91ab117b2e75dbc3af538e

  • SHA256

    271665f192c4ea996cba44fef20806accb4fb02954c85128e362a5ab39f512af

  • SHA512

    f1d7f53d9b879d29d873bd122cace16ddc7e01ed6ee9d1c95c12e1933435d0a45d2a4686489858bb86ac2b09727f6742ac4d915ac9169060b9f47879dc05d79f

  • SSDEEP

    24576:JanwhSe11QSONCpGJCjETPlWXWZ5PbcmC3f/8lkKJhlsr3Pznq82FD/v8F6V:knw9oUUEEDl37jcmWH8SKJhSnq8u3TV

Score
10/10
strelaxmrigminerstealerupx

Malware Config

Targets

    • Target

      fe1f9ce6c70a5970969b6a3874d7ff70N.exe

    • Size

      1.4MB

    • MD5

      fe1f9ce6c70a5970969b6a3874d7ff70

    • SHA1

      d41dd46e43d6094bcf91ab117b2e75dbc3af538e

    • SHA256

      271665f192c4ea996cba44fef20806accb4fb02954c85128e362a5ab39f512af

    • SHA512

      f1d7f53d9b879d29d873bd122cace16ddc7e01ed6ee9d1c95c12e1933435d0a45d2a4686489858bb86ac2b09727f6742ac4d915ac9169060b9f47879dc05d79f

    • SSDEEP

      24576:JanwhSe11QSONCpGJCjETPlWXWZ5PbcmC3f/8lkKJhlsr3Pznq82FD/v8F6V:knw9oUUEEDl37jcmWH8SKJhSnq8u3TV

    Score
    10/10
    strelaxmrigminerstealerupx

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

      stealerstrela

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks