Overview

overview

10

Static

static

3

ICBM.exe

windows7-x64

1

ICBM.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ICBM.7z

  • Size

    767KB

  • Sample

    241031-3djmcasqbz

  • MD5

    93e7f7080797b83f022783663051cac6

  • SHA1

    dd0944cdf23b767f40a633319b58f15c5e07e9a7

  • SHA256

    3d975853527f3c27c107f2ffc2371203b062280690cc0e8ead2368128b1a2d1f

  • SHA512

    549f288d3353dfae80257b3dce54af48c02e947bfe3974771d9711032c60224103cbeba9a2f8bd70a20d1e37742dd8b4b8a72ed63eb4f07a5fe241231aafb309

  • SSDEEP

    12288:uo0PgpFx+PqCLU9vVzgfTIu7DUKs3NfqmrIoE82W3f/YdAwJi9btEL05iwoMuVzk:JugpFwUfzSHUKs3Ny49ttC05dFaAHiCp

Score
10/10
xmrigdropperexecutionminer

Malware Config

Targets

    • Target

      ICBM.exe

    • Size

      2.5MB

    • MD5

      7f4ab17c8ad7b40f534a04df2ccb173a

    • SHA1

      632fea5cdd848ed91429fe23eee710c0e8da1eea

    • SHA256

      a9665eff0a88b9ac3c3ca0a53cbb8ba8624644ee1a1d8ae60fa3d9925b961780

    • SHA512

      7ac032df41360ba46dcb80a64a6546b815a5dc3295aa66eaf834e40402b44bfed53a6562b21c2ead4cf6b30553730941c73df093fa6077b3589876c13b724548

    • SSDEEP

      49152:YiBToTd1klhXkIyKg6LQiuD2fDLeqt3yhkWwwxS9p/iLwdQIZL:K1QdW6f6xIi9IZL

    Score
    10/10
    xmrigdropperexecutionminer

    • XMRig Miner payload

      miner

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Download via BitsAdmin

      dropper

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks