General

  • Target

    4635a9149c53a2fbc072ceb338351d3b149e093cd43163e01d629bb016f8cd7c.exe

  • Size

    10.5MB

  • Sample

    241013-g81cpatbjc

  • MD5

    356279b22763084935165ad080b0ae9a

  • SHA1

    90877794babb6b77add711b1c4d422229e86cb8b

  • SHA256

    4635a9149c53a2fbc072ceb338351d3b149e093cd43163e01d629bb016f8cd7c

  • SHA512

    0a0f8772dcdd7de924f4544fc7f2a11bfd9bcab6db462c2367b393936a2d109c154a77028530cfbf5118c2c8e3125cfe84e753f136a58c004ac053c7f8072d73

  • SSDEEP

    196608:lLdF2/rYqrt2P5M6X8wvmOwfiQr+5oSJkT:lpM/rYqrkxHvGWoSM

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Creates new service(s)

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks