General
-
Target
b1636448566aac1928012498d260aae0b3e354a66e658a441f3601dae2ce9f0e
-
Size
2.4MB
-
Sample
241110-b8gmpaxblg
-
MD5
203224c1e15dd121ef53d0d2ca3e4528
-
SHA1
d48368e00aee219bfd7819df3508c0b056c4f2dd
-
SHA256
b1636448566aac1928012498d260aae0b3e354a66e658a441f3601dae2ce9f0e
-
SHA512
7db1e267863169ccd9c65c4e5d07e2b453830ecb9ce61f5c2580898dbf3ab500a7a5ae5732d0e9099f437bd37bc4f291fdb4894fe1bc0b1515a4ada9199f95ee
-
SSDEEP
49152:QrWh7oYkqiiVJb8njS6EUn8zwnTxREgdlzAYn+BYH:Qc/4q8ESlz9
Static task
static1
Behavioral task
behavioral1
Sample
b1636448566aac1928012498d260aae0b3e354a66e658a441f3601dae2ce9f0e.exe
Resource
win7-20241023-en
Malware Config
Targets
-
-
Target
b1636448566aac1928012498d260aae0b3e354a66e658a441f3601dae2ce9f0e
-
XMRig Miner payload
-
Xmrig family
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Download via BitsAdmin
-
Executes dropped EXE
-
Drops file in System32 directory
-