General
-
Target
658a6a072efe4e110cf1bcacb8361192b3d62387fab0fbc294eed6903568b144N
-
Size
3.9MB
-
Sample
241027-nw2hjsvng1
-
MD5
413ae52d8a8a3882bb45176d2253b8d0
-
SHA1
3b213febf0f9e83f16ea3ad6794edecc3de70afc
-
SHA256
658a6a072efe4e110cf1bcacb8361192b3d62387fab0fbc294eed6903568b144
-
SHA512
44c484930978adbd67946fe36d4d8209e7235b8eb669f60b1a2617b95f55a589bc73fc696c0100dad0e9950edab09c6154675605e74e04bccd52899d38f19b58
-
SSDEEP
98304:/MDtIXLr06AdfEThF35PzuFW+Wu+cT17Ykmc8TMGbTiK7TLeLT+4mT+4HnNhNB/U:prmEdF35+CiXzjx
Static task
static1
Behavioral task
behavioral1
Sample
658a6a072efe4e110cf1bcacb8361192b3d62387fab0fbc294eed6903568b144N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
658a6a072efe4e110cf1bcacb8361192b3d62387fab0fbc294eed6903568b144N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
658a6a072efe4e110cf1bcacb8361192b3d62387fab0fbc294eed6903568b144N
-
Xmrig family
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-