General
-
Target
249e267186fbd330e6fc2b7a90408f957174bc6d53e873d80b52646c624b3e01.exe
-
Size
2.8MB
-
Sample
240921-wbqjjsvdmg
-
MD5
93234f805896e962d7ec482e4820e557
-
SHA1
72317f05fbbbc0dd2b73a78fce60acac4eb19b0e
-
SHA256
249e267186fbd330e6fc2b7a90408f957174bc6d53e873d80b52646c624b3e01
-
SHA512
e8ae3695d6952b6c45bdfe7c78f93d4b347430b5e818e9883d7e7ce06024eefb4214db5147cb9031d0cba325d14c5b3c1733beb800d99c879f6dc7b4a6b5659f
-
SSDEEP
49152:w8pejD6g9dVPMa4ffOWkxLEqOQjIx9yUbBloXENjlAGmI8aWda9gnS+PbnczrOZi:46g9DmbkxLFO1x99VloXao+Ww6n/Dcz/
Malware Config
Targets
-
-
Target
249e267186fbd330e6fc2b7a90408f957174bc6d53e873d80b52646c624b3e01.exe
-
Size
2.8MB
-
MD5
93234f805896e962d7ec482e4820e557
-
SHA1
72317f05fbbbc0dd2b73a78fce60acac4eb19b0e
-
SHA256
249e267186fbd330e6fc2b7a90408f957174bc6d53e873d80b52646c624b3e01
-
SHA512
e8ae3695d6952b6c45bdfe7c78f93d4b347430b5e818e9883d7e7ce06024eefb4214db5147cb9031d0cba325d14c5b3c1733beb800d99c879f6dc7b4a6b5659f
-
SSDEEP
49152:w8pejD6g9dVPMa4ffOWkxLEqOQjIx9yUbBloXENjlAGmI8aWda9gnS+PbnczrOZi:46g9DmbkxLFO1x99VloXao+Ww6n/Dcz/
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Creates new service(s)
-
Stops running service(s)
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-