General
-
Target
Nitro.exe
-
Size
56.5MB
-
Sample
241027-qt3zpsyflp
-
MD5
cb5704b35d6f1420581b825a8faee883
-
SHA1
966b5157bd954ca13385db782b39ed56c5a52b9e
-
SHA256
6cf2cd2b186c6d10c081cb5afe7689d52b3ccc3da937c920718724c26573946a
-
SHA512
7276ed0bf256bc9895712c5de6d8c25851d867c62b2688d44e7cbd3ef63eeee0774345e3221665e3fb8e5a24343d7c45dafac7e308b1a67db24d8afab0ce91cb
-
SSDEEP
786432:brZMUVo6ix6I/AXpORG0zC5lYSI0yhRaJ9r3uXSr7dcS1Se34sey66TM0Mg0G+/c:bAwIcpIGsERI0puXSr7qS1eGsO+/QD
Static task
static1
Malware Config
Targets
-
-
Target
Nitro.exe
-
Size
56.5MB
-
MD5
cb5704b35d6f1420581b825a8faee883
-
SHA1
966b5157bd954ca13385db782b39ed56c5a52b9e
-
SHA256
6cf2cd2b186c6d10c081cb5afe7689d52b3ccc3da937c920718724c26573946a
-
SHA512
7276ed0bf256bc9895712c5de6d8c25851d867c62b2688d44e7cbd3ef63eeee0774345e3221665e3fb8e5a24343d7c45dafac7e308b1a67db24d8afab0ce91cb
-
SSDEEP
786432:brZMUVo6ix6I/AXpORG0zC5lYSI0yhRaJ9r3uXSr7dcS1Se34sey66TM0Mg0G+/c:bAwIcpIGsERI0puXSr7qS1eGsO+/QD
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Xmrig family
-
XMRig Miner payload
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-