General

  • Target

    2024-10-25_c3501d6ff82593562de8ad0eb339bbf1_snatch

  • Size

    4.1MB

  • Sample

    241025-tz2wdasala

  • MD5

    c3501d6ff82593562de8ad0eb339bbf1

  • SHA1

    8550a5874e04ed2ff938897b0606b0783e064742

  • SHA256

    fd3ff17c545781d97334e0f46dfef983422e0dfe33e5636929110183e75af683

  • SHA512

    97df414e62d4d33d5badd312851bd096e62218b8f437d5cd82a9577bde4b11c4c82e4cadc32c771f38f8afc802b6a9be56e2eb749316c15444e3c530530c2868

  • SSDEEP

    49152:OFFmvojGT33XCMB8D1XqayZsdWT23+1WNYmHhKEcAMJJSq/jqnC0G/yRKEYNXbJt:wFm8yNayecTdR/E7IJwCyRKE09pa/3I

Malware Config

Targets

    • Target

      2024-10-25_c3501d6ff82593562de8ad0eb339bbf1_snatch

    • Size

      4.1MB

    • MD5

      c3501d6ff82593562de8ad0eb339bbf1

    • SHA1

      8550a5874e04ed2ff938897b0606b0783e064742

    • SHA256

      fd3ff17c545781d97334e0f46dfef983422e0dfe33e5636929110183e75af683

    • SHA512

      97df414e62d4d33d5badd312851bd096e62218b8f437d5cd82a9577bde4b11c4c82e4cadc32c771f38f8afc802b6a9be56e2eb749316c15444e3c530530c2868

    • SSDEEP

      49152:OFFmvojGT33XCMB8D1XqayZsdWT23+1WNYmHhKEcAMJJSq/jqnC0G/yRKEYNXbJt:wFm8yNayecTdR/E7IJwCyRKE09pa/3I

    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Creates new service(s)

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks