General
-
Target
f60f192f9a126ffd2dcfb77a01248a80N
-
Size
2.6MB
-
Sample
240907-wt77baxcnq
-
MD5
f60f192f9a126ffd2dcfb77a01248a80
-
SHA1
4ae64f5ce7eb525778159e0feebb1c2ac91e7258
-
SHA256
1e05f614858d46092a20dcccf7cf9a898c342ea22b1f4bdddf15848e08ac5342
-
SHA512
75323b203343834eba1ceac07983d95224871cfdedb0cc0c95b9f2920984b8e3265ab99331067068ddfa09a81f888d282c98f1c6f25e8d586345eca0a2f79688
-
SSDEEP
49152:TkBwfviiCBKaOw0K/6E6nQ6qYJuMF2t4s9Y7pfWSdcaJG48lDXF49Nrp:TkBjXYaOwX6E2TqiuO7s9YISdjNuDX
Static task
static1
Behavioral task
behavioral1
Sample
f60f192f9a126ffd2dcfb77a01248a80N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
f60f192f9a126ffd2dcfb77a01248a80N
-
XMRig Miner payload
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-