General
-
Target
8c85440c62921c5f13105c06800d48d7c65094ae3dd54ecb8377fcc6f03cb503N
-
Size
5.2MB
-
Sample
241025-1gk88ssmel
-
MD5
28507e76251d6b17e4ad52e570ea7430
-
SHA1
b6ba870480bd4af5dae35e5dfaff7e2ae5724722
-
SHA256
8c85440c62921c5f13105c06800d48d7c65094ae3dd54ecb8377fcc6f03cb503
-
SHA512
eed4196ba21515365321049494a169160ce93551c58b36a136966598613b1e06cd0c6356843639d369be42db36514b9abbe0981ab57873c324c41e9fa1a00bc7
-
SSDEEP
98304:Pe3+ZPTVjEdQELHktz69IGel/Rt+P2kdLYP70pywaa5FooIOzJpDRHqYd+OPxU12:P8+Wbkz69PelZQ5LF6oFlpNxdRq1mcu
Static task
static1
Behavioral task
behavioral1
Sample
8c85440c62921c5f13105c06800d48d7c65094ae3dd54ecb8377fcc6f03cb503N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
8c85440c62921c5f13105c06800d48d7c65094ae3dd54ecb8377fcc6f03cb503N
-
Xmrig family
-
XMRig Miner payload
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-