General

  • Target

    2024-09-18_2f3c30b558c3c3719e3fc14aa531df36_cryptolocker_floxif_hacktools_http-browser_mimikatz_webshell-shell

  • Size

    83.2MB

  • MD5

    2f3c30b558c3c3719e3fc14aa531df36

  • SHA1

    a725a868a436d3a3b034dc44fb1343753ec10301

  • SHA256

    2c57f5ffc024403404651ffe44a247e743c2d3c4bb81e9926bbff0dd28ebc4df

  • SHA512

    de0bb404fb964efdf58e8777fdcf826dbb8e51234359f8b5e1e0bc74b9d56dd4885e06dc5469805cfa9cacf978ec74c8e63a0679d1ea2bde0f7c39246a5ff4ad

  • SSDEEP

    1572864:DC/xxsCzStFQ38eXzzWxBhi6ZuRUjUFMQO0kw0QWLdVX:DwyteXzKxri8PjUF9OSPU

Score
10/10

Malware Config

Signatures

  • Mimikatz family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • mimikatz is an open source tool to dump credentials on Windows 1 IoCs
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 2024-09-18_2f3c30b558c3c3719e3fc14aa531df36_cryptolocker_floxif_hacktools_http-browser_mimikatz_webshell-shell
    .exe windows:4 windows x86 arch:x86

    b34f154ec913d2d2c435cbd644e91687

  • $PLUGINSDIR/SpiderBanner.dll
    .dll windows:5 windows x86 arch:x86

    90179d905cdca282880541c826651c15

  • $PLUGINSDIR/StdUtils.dll
    .dll windows:5 windows x86 arch:x86

    7b79709c0d5576549eb261e3410f95f8

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76

  • $PLUGINSDIR/WinShell.dll
  • $PLUGINSDIR/app-64.7z
    .7z
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d31c5eb927119d00232e4d4b0e32fcdb

  • $R0/Uninstall OGFnPatcher.exe