General

  • Target

    ddead2ca7935cfb5470067968fe8099c76000c2ae1bfc9e1066caa9335c9c4bfN

  • Size

    1.5MB

  • Sample

    240923-hfljhaycqr

  • MD5

    bfea8e7392cb57e6a5e01c482d6c8a20

  • SHA1

    b308a5fe8a6ed35d9e6450c804d7ecc3e001eab5

  • SHA256

    ddead2ca7935cfb5470067968fe8099c76000c2ae1bfc9e1066caa9335c9c4bf

  • SHA512

    59122257ed765de015668c36278d0fb0431090c311acc864de998486c6fdfc15eb0d9ee506fe1d6030903ea374cb1686bfeed6cee93de71a3ae9531ad73ec0b3

  • SSDEEP

    24576:JanwhSe11QSONCpGJCjETPlGC78XCej06sSv8rcbQyfUkjPLtiZT/oK:knw9oUUEEDlGUrMjAkFiZh
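Before acting on the verdict above, pin the file you actually hold to the digests the report lists. The following is an added example (not part of the report or the sandbox's tooling) that computes the four hashes with the standard library, streams large files in chunks, and compares them case-insensitively against the manifest copied from this page. SSDEEP is left out because it needs a third-party library; the constructed test input is empty bytes, not the sample.

```python
"""Verify a local file against the digests listed in the sandbox report."""
import hashlib
from pathlib import Path

# Digests copied verbatim from the report's General section.
REPORT_MANIFEST = {
    "md5": "bfea8e7392cb57e6a5e01c482d6c8a20",
    "sha1": "b308a5fe8a6ed35d9e6450c804d7ecc3e001eab5",
    "sha256": "ddead2ca7935cfb5470067968fe8099c76000c2ae1bfc9e1066caa9335c9c4bf",
    "sha512": (
        "59122257ed765de015668c36278d0fb0431090c311acc864de998486c6fdfc15"
        "eb0d9ee506fe1d6030903ea374cb1686bfeed6cee93de71a3ae9531ad73ec0b3"
    ),
}


def digest_bytes(data: bytes, algorithms=tuple(REPORT_MANIFEST)) -> dict[str, str]:
    """Hash an in-memory buffer with every algorithm in the manifest at once."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path, algorithms=tuple(REPORT_MANIFEST), chunk_size=1 << 20) -> dict[str, str]:
    """Same as digest_bytes, but streams the file so a large sample is not read whole."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with Path(path).open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_digests(actual: dict[str, str], expected: dict[str, str]) -> dict[str, bool]:
    """Per-algorithm match flags; hex case in the manifest is normalised first."""
    return {
        name: actual.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def verify_bytes(data: bytes, manifest: dict[str, str] = REPORT_MANIFEST) -> tuple[bool, dict[str, bool]]:
    """True only when every digest in the manifest matches the buffer."""
    flags = compare_digests(digest_bytes(data, tuple(manifest)), manifest)
    return all(flags.values()), flags


def verify_file(path, manifest: dict[str, str] = REPORT_MANIFEST) -> tuple[bool, dict[str, bool]]:
    """File-based counterpart of verify_bytes."""
    flags = compare_digests(digest_file(path, tuple(manifest)), manifest)
    return all(flags.values()), flags


if __name__ == "__main__":
    import sys
    ok, flags = verify_file(sys.argv[1])
    for name, matched in flags.items():
        print(f"{name:7} {'match' if matched else 'MISMATCH'}")
    sys.exit(0 if ok else 1)
```

Treat any single mismatch as a different file: a re-signed, re-packed or truncated copy of the sample will keep none of these values, so a partial match is a sign of a copy error or a tampered manifest rather than of the same artefact.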

Targets

    • Target

      ddead2ca7935cfb5470067968fe8099c76000c2ae1bfc9e1066caa9335c9c4bfN

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.

    • Drops file in System32 directory
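The "UPX packed file" signature above is a static check, and it is worth seeing what such a check can and cannot tell you. The following is an added example, not the sandbox's signature logic: it parses the PE section table as laid out in the Microsoft PE/COFF specification, looks for the stock UPX section names and the "UPX!" packer magic, and measures per-section entropy so that a build with renamed sections (the "modified UPX" case) still stands out as packed, even though the packer itself can then no longer be identified. The PE blobs it runs on are constructed in-script and are not loadable executables.

```python
"""Heuristic UPX detection for PE files: section names, packer magic, entropy."""
import math
import struct

# Section names written by stock UPX (some builds prefix them with a dot).
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1", b".UPX2"}
UPX_MAGIC = b"UPX!"  # packer header magic present in unmodified UPX output


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 8.0 for uniformly random data, 0.0 for a constant run."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def pe_sections(data: bytes) -> list[tuple[bytes, int, int]]:
    """Return (name, PointerToRawData, SizeOfRawData) for each IMAGE_SECTION_HEADER."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                               # IMAGE_FILE_HEADER (20 bytes)
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                      # section table follows optional header
    sections = []
    for i in range(num_sections):
        off = table + i * 40                          # each section header is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        name = data[off:off + 8].rstrip(b"\0")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        sections.append((name, raw_ptr, raw_size))
    return sections


def upx_indicators(data: bytes, entropy_threshold: float = 7.0) -> dict:
    """Collect the indicators; 'upx' needs a name or magic hit, entropy alone is weaker."""
    named, high = [], []
    for name, raw_ptr, raw_size in pe_sections(data):
        text = name.decode("ascii", "replace")
        if name in UPX_SECTION_NAMES:
            named.append(text)
        if raw_size:
            ent = shannon_entropy(data[raw_ptr:raw_ptr + raw_size])
            if ent >= entropy_threshold:
                high.append((text, round(ent, 2)))
    magic = UPX_MAGIC in data
    if named or magic:
        verdict = "upx"
    elif high:
        verdict = "packed_unknown"   # high-entropy code section, packer not identified
    else:
        verdict = "clean"
    return {"upx_sections": named, "upx_magic": magic,
            "high_entropy_sections": high, "verdict": verdict}


def build_test_pe(section_names: list[bytes], payloads: list[bytes], marker: bytes = b"") -> bytes:
    """Constructed minimal PE for testing the parser (hypothetical, not loadable):
    MZ stub, PE signature, COFF header with SizeOfOptionalHeader=0, one 40-byte
    header per section, optional marker bytes, then the raw section data."""
    num = len(section_names)
    e_lfanew = 0x40
    raw_ptr = e_lfanew + 4 + 20 + 40 * num + len(marker)
    mz = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, num, 0, 0, 0, 0, 0x102)
    table = b""
    for name, payload in zip(section_names, payloads):
        table += name.ljust(8, b"\0")
        table += struct.pack("<IIII", len(payload), 0x1000, len(payload), raw_ptr)
        table += b"\0" * 16                           # relocs, line numbers, characteristics
        raw_ptr += len(payload)
    return mz + b"PE\0\0" + coff + table + marker + b"".join(payloads)


if __name__ == "__main__":
    stock = build_test_pe([b"UPX0", b"UPX1"], [b"", bytes(range(256)) * 16], marker=UPX_MAGIC)
    renamed = build_test_pe([b".text", b".rsrc"], [bytes(range(256)) * 16, b""])
    for label, blob in (("stock UPX", stock), ("renamed sections", renamed)):
        print(label, upx_indicators(blob))
```

The empty UPX0 section in the constructed sample mirrors real UPX output, where UPX0 has no raw data and UPX1 holds the compressed image; the threshold of 7.0 bits per byte is a common rule of thumb, and legitimate files with embedded compressed resources will cross it too, so "packed_unknown" is a lead for unpacking, not a malware verdict on its own.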
