Overview

overview

10

Static

static

10

ca22516f27...47.exe

windows7-x64

10

ca22516f27...47.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca22516f27a7cc654d074b602ce456968223818ed73bb28d8aff0749fe960f47

  • Size

    3.3MB

  • Sample

    241118-23m6dsxbmh

  • MD5

    e9ddd7d88dfb36e63786255c0e58c900

  • SHA1

    10fe86abd076859318781516bc21de680363ef81

  • SHA256

    ca22516f27a7cc654d074b602ce456968223818ed73bb28d8aff0749fe960f47

  • SHA512

    6b311a2e61a35f1dc1ee93de0cad2b7fce3a40f616d1a522fb27d028e0f9eb67915778bbfcb0b9319f88b41c4213ee464f8f1694b7b011f37951d5382bf9d3ef

  • SSDEEP

    98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWe:7bBeSFkS

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      ca22516f27a7cc654d074b602ce456968223818ed73bb28d8aff0749fe960f47

    • Size

      3.3MB

    • MD5

      e9ddd7d88dfb36e63786255c0e58c900

    • SHA1

      10fe86abd076859318781516bc21de680363ef81

    • SHA256

      ca22516f27a7cc654d074b602ce456968223818ed73bb28d8aff0749fe960f47

    • SHA512

      6b311a2e61a35f1dc1ee93de0cad2b7fce3a40f616d1a522fb27d028e0f9eb67915778bbfcb0b9319f88b41c4213ee464f8f1694b7b011f37951d5382bf9d3ef

    • SSDEEP

      98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWe:7bBeSFkS

    Score
    10/10
    xmrigexecutionminerupx

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks