General
- Target: drop2.exe
- Size: 2.5MB
- Sample: 241118-lb98vatckf
- MD5: 226eb2bbb97abbcabbd5bf08418cbe9c
- SHA1: 53c7485db2e1acb4b70a0a277d58e9ffec8a050d
- SHA256: 97e37eaf752b14313ee9aaa158f7028c092adeb4a902cb9618f58cffe29eeed2
- SHA512: ccdb91715dc244364ac80bf7dff4b971b4ce5473ebed7f59a3ac68c4b5b7c0919cadf352a64b008d2af8ce5081440119a4db55d7b208de94411761cb42ce055b
- SSDEEP: 49152:8F6Y8mlBll44tW535rFyGAlvZVzfKQJYvDCZ3OL0WiqIZJdGUH1SOfSLA+DpHscK:TUBLTErFyGA1DJY7CZeL0WFwGUVSOf+b
Static task: static1
Behavioral task: behavioral1
- Sample: drop2.exe
- Resource: win7-20241023-en
Malware Config
Targets
- Target: drop2.exe (2.5MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
- Xmrig family
- XMRig Miner payload
- Creates new service(s)
- Executes dropped EXE
- Loads dropped DLL
- Power Settings: powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
- Suspicious use of SetThreadContext