General
-
Target
f60f192f9a126ffd2dcfb77a01248a80N
-
Size
2.6MB
-
Sample
240907-wt77baxcnq
-
MD5
f60f192f9a126ffd2dcfb77a01248a80
-
SHA1
4ae64f5ce7eb525778159e0feebb1c2ac91e7258
-
SHA256
1e05f614858d46092a20dcccf7cf9a898c342ea22b1f4bdddf15848e08ac5342
-
SHA512
75323b203343834eba1ceac07983d95224871cfdedb0cc0c95b9f2920984b8e3265ab99331067068ddfa09a81f888d282c98f1c6f25e8d586345eca0a2f79688
-
SSDEEP
49152:TkBwfviiCBKaOw0K/6E6nQ6qYJuMF2t4s9Y7pfWSdcaJG48lDXF49Nrp:TkBjXYaOwX6E2TqiuO7s9YISdjNuDX
Malware Config
Targets
-
-
Target
f60f192f9a126ffd2dcfb77a01248a80N
-
Size
2.6MB
-
MD5
f60f192f9a126ffd2dcfb77a01248a80
-
SHA1
4ae64f5ce7eb525778159e0feebb1c2ac91e7258
-
SHA256
1e05f614858d46092a20dcccf7cf9a898c342ea22b1f4bdddf15848e08ac5342
-
SHA512
75323b203343834eba1ceac07983d95224871cfdedb0cc0c95b9f2920984b8e3265ab99331067068ddfa09a81f888d282c98f1c6f25e8d586345eca0a2f79688
-
SSDEEP
49152:TkBwfviiCBKaOw0K/6E6nQ6qYJuMF2t4s9Y7pfWSdcaJG48lDXF49Nrp:TkBjXYaOwX6E2TqiuO7s9YISdjNuDX
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Stops running service(s)
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-