General

  • Target

    a6abbe2140b92f86639184e5e021ba60N.exe

  • Size

    1.6MB

  • Sample

    240821-cp52lsygpr

  • MD5

    a6abbe2140b92f86639184e5e021ba60

  • SHA1

    5b2296f62e23045fd66960dee6870f3213bccd66

  • SHA256

    580f5b1f99475499abb802a86cc8e72683124584785e81a1bc35c57fcf1ccbf8

  • SHA512

    a9dbf294c8b3f794570b4cb03e2bf695a947e82e9a2b282441f32fb57b5cde0022efb5e25e7fdbc48c3296989f588e93d369e8b81c0c41cdc3908f91522b757f

  • SSDEEP

    24576:JanwhSe11QSONCpGJCjETPlGC78XIO6zRIhRmuSOj1I3GouHxtBM2P+yQo:knw9oUUEEDlGUh+hNjLHh3yo

Malware Config

Targets

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks