General

  • Target

    fa6d048f9d51f34b442b8814baba7343e92a60ffa496f557ba6dc0a72f740228N.exe

  • Size

    1.7MB

  • Sample

    241113-3kd1fazrev

  • MD5

    18e336716eea05383f8c1317acd217b0

  • SHA1

    a480f89daaf32b80ed6e5c67dd1621c787c8b960

  • SHA256

    fa6d048f9d51f34b442b8814baba7343e92a60ffa496f557ba6dc0a72f740228

  • SHA512

    aa3d3e7a1edb41d1445356ac16c862faec099416add5d94923c530f5ea021dd845bece1d8475c56e1d5a62acf9cd728b5dc2a5c573adebf69746dd641f8e35de

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9ozttwIRxj4c5yOBZlC8kas:GemTLkNdfE0pZyY

Score
10/10

Targets

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
