General

  • Target

    LnG6LghnkXZJfZHrWAaWqz8CDuBBT1T8y77rSTzTr14CzHQKe41p4wBbT4R4y7gJ .7z

  • Size

    4.0MB

  • Sample

    241125-3decmaymcm

  • MD5

    57b3ec2c0cbe5c0dc42d20eb53ce3a05

  • SHA1

    71729d2978be832c9b48da9ac2a32863a821f2f9

  • SHA256

    2b80e49ed86a673ba3bccd1b094173c7782bc8e76d017060cb4e083e77db5bb5

  • SHA512

    3ccc180b5b102b060190e802bc8e6c36439ed65d599268a37bb0e23ffab733d00dc54a1f15f9f9bdf8d7615dbc145e57a56fa80ff1d9c3740a5d210770576f26

  • SSDEEP

    98304:cBKvt/w8cHy4IwIT6uj5Z1jLf0Y1yidR4GyDPmNOCd:1t41HPIt9n1f34G3Njd

Score
10/10

Targets

    • Target

      NewTriage32/0FIQyV6Y7Xr5l2Babpdw7BxF3pmGAW_555111.exe

    • Size

      2.5MB

    • MD5

      cc0332c715621146d8bc0b52380ac073

    • SHA1

      6a84ff08bc149092b4e232beb863323a647cbab9

    • SHA256

      0e52161625ade5fa542fb541f85a9ab3de30ea24bde66e0ce53766c71b6470ea

    • SHA512

      5908b885d5c8c7fcb9d82c3d3aec6efd17ae76fcc75666471a471881a94a8266171dc18d8574edb382fc4096af52fde60ec3e35538c47b921e764d953f689ea6

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeJ:VQ30goFvKwHQbMpTGFIHeJ

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/0eWaFVMME4i8CeUdl7GzPYBotmpUYn_111448.exe

    • Size

      2.5MB

    • MD5

      46bf59876f16655d47e839b1e23947d8

    • SHA1

      bff5ff361012ac0abb78a919e8b6ba2ab8c9ec6a

    • SHA256

      238b4fdc9378d5404394bdd9da9df78ef78f5d4d5581736243a29372bfe04c32

    • SHA512

      d10da6cf604b40761e1e6c3e99b4dc62ede91ccbe5dc2b4039610b2f2f92b0744ae391840b8e903e42bc31ec8b5f64dcc065d756ca1f6c6eeb71e35722a3ec3a

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeZ:VQ30goFvKwHQbMpTGFIHeZ

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/3Z3Mp2Wmizxd2DIEsM7DDf16jBK4BA_454444.exe

    • Size

      2.5MB

    • MD5

      f61c17acf0b448fa2312ead70c4f2bbf

    • SHA1

      7e6efcfe25866cdca0184d2a265e92ee48a58244

    • SHA256

      b1915854092a2148f2cf22180e1ad59d0ac0d0663cc90202eb330d687c7cac33

    • SHA512

      45a7ea6f038cb53992f060c8c9210bd0934e24b2156cc0fbf49593b6406ecf6ce636566e39a95e1aee3843b4ff4f77305022096191f3f8f167f2d7684440a16d

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeN:VQ30goFvKwHQbMpTGFIHeN

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/515bZt5WA4BFG0Pd00et3zugAykoVc_370007.exe

    • Size

      2.5MB

    • MD5

      1efd549d6f3ca69bf3e192cea4e7bb45

    • SHA1

      977af2bd17bb774d8523cc9629a0f610a8d8b6da

    • SHA256

      3238d3a9abbebcaf2bc122fb2ffcaf497d8d0cd0deae785f7699cf641178fa01

    • SHA512

      b9186b874727e30ee030d4fb21dbaadc3e88c808c350556b252e7c81109a057a5e9354cd389f6a8296b341441cd324998ca03810a81913e3d33118c353c1b60e

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHe2:VQ30goFvKwHQbMpTGFIHe2

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/9wDXQIrr9O18lbO5AuiBBoF4HIiLvG_730619.exe

    • Size

      2.5MB

    • MD5

      81649c5a9122c053490148d02d77ffbf

    • SHA1

      3e59c53eb27421fe221bae4c68f38c64d348b394

    • SHA256

      de4b35e389a0c44b7344dd5b4dd87027800cb9f06d50477e33c2fff171763983

    • SHA512

      9b8e2319187fbf72ed763fb5f34622d7c5c8e66755cd9fe454785079cab6fb755f6fd9eda2dcb8fc3d6325725d877246d7a1a4512530ba076a1a058cecb53f99

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeh:VQ30goFvKwHQbMpTGFIHeh

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/BluucUtINzhMhP7UEOzRvKWeKF3ElC_177794.exe

    • Size

      2.5MB

    • MD5

      34a27ca82550c60f6ef0a999b9f5f3b8

    • SHA1

      56d96d0583eb9ea4b605e00eb61159e5f6f69e48

    • SHA256

      c7296fcb1718d49253210ccbcce06a64adaa45fee85cf82196e8b03465402fa1

    • SHA512

      10eb4e590f44a4a27f6fc99bbf3041aa7e40982f3c46b4752c35f339b54a268f7ed581286be4db093f8b0057ca2c5516e34b078fc1452dea4715d95fab202ada

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeR:VQ30goFvKwHQbMpTGFIHeR

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/CIM13G2tG1jPH0GDc5TDUnmeJctQOY_834418.exe

    • Size

      2.5MB

    • MD5

      b0006b9587e82b893af66d91d92a9956

    • SHA1

      d5ed6cd3b3ab0e4d05a61c0b17765f0eae41e7ae

    • SHA256

      a229f35d28b04a3e9e94bd12bbe8c39c6218cf794322ad7301d65106bc74c49a

    • SHA512

      350095fc6cd6ad85b74034b0862d87a1aee22f37fff7dd1d1f5ad8926a48f5b72b44cdacff4adb3d2f197d129c5d8d61a1df59ff88e3f196a6588142f7d8123e

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeJ:VQ30goFvKwHQbMpTGFIHeJ

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/ERzZXEU0OucmBUsACZUNgjT9eYaf9x_450599.exe

    • Size

      2.5MB

    • MD5

      c09d03eccd92788bde7b42256a7029e1

    • SHA1

      976fa20c806b8c277778fed980d27d22e9e163f8

    • SHA256

      e7fda2baeec164e40225735f7d2738a1d76d172cb0d658efc6a33b21182e6c55

    • SHA512

      59d4dd7dacc7b2576561578901ad60a13ef4309bdf5e7f1e34456989f7ea15bb4c0574bf4d3ebcbe961aeee635dc8eb7924485469a33ab5f5eed6baccfbab266

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeH:VQ30goFvKwHQbMpTGFIHeH

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/F9q6fc3Je5burTzPjkJ2c4eFD9J3Z2_837060.exe

    • Size

      2.5MB

    • MD5

      edcd8f3418815b34cf22bf6b76fcbfda

    • SHA1

      3420ce285c63cf552e648ccaa35c453fba2c2d9f

    • SHA256

      ee56803007d5fd1b2baf58eef463655c03f386549806283aede82fa03a3d7a10

    • SHA512

      d646d3ddfcc553abe478c3fdd978e2c84071072e97bee93af2e24fc0a70898da316f9e6aa75b1aee87636859ad935bd6a72d9d1f581f6b694ef6b040af9db1e0

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHev:VQ30goFvKwHQbMpTGFIHev

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/GDJKTshwTTLwrERmdFI6tGe20KTcGl_569332.exe

    • Size

      2.5MB

    • MD5

      3db2afdcde47cd6821350b3ed6b3db2c

    • SHA1

      eb49d1bf22ebb385a6bc3f25fb1c58165c79b8b3

    • SHA256

      7c8b0bf1d94ee8b4b0f856edee73165dd7d594760dda449727c254e147ac025f

    • SHA512

      631863fee0e75c2fc3202cc3a8c19197247035b05273c3f3d9c7ecd7b9bf0543600ee3eb3401967b8337331bdc0660d7eecfdd888addcba30201ef45fbf37a81

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeb:VQ30goFvKwHQbMpTGFIHeb

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/IxXF7PeGlVVyHSXk9kYDLLDorJ5p7J_964969.exe

    • Size

      2.5MB

    • MD5

      dc4de596b27633f9835e6bcc3aee08eb

    • SHA1

      e391f7ae9af449836b34b6c4b689cda02e53c71b

    • SHA256

      6fe7e5d9b66bfa2a2d8fac07483f35f65520b6baef87cde3b99c513f7ade5cef

    • SHA512

      ec6ac054952ae520e3e77a6edeed6cc0ae03acea68039aecfaf57cfffa64597bc3c2841d4abfa1fe9324f71bb6eb748c97201f9e70a9815c4514d975a609816f

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHef:VQ30goFvKwHQbMpTGFIHef

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/MEMLrQGaysU0Is4D0tVyqiy2l3AP1A_588775.exe

    • Size

      2.5MB

    • MD5

      1573b087a3582c7436546763104acf3b

    • SHA1

      f6334a00a6549aac223b9d2ac0f37b83b99b111d

    • SHA256

      545b3da3b17b5f647796c0156d2da81d15d86183bf414f992352d222af8548ee

    • SHA512

      34ab0688de7815448d3e3933628a4c16a89c3c4c637f7c024a8603a2264bf9ae56d6591044d2cf6896e47fd9adbafbfdc96eb4626070b84eba4b42dcb59796ec

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeB:VQ30goFvKwHQbMpTGFIHeB

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/MQjAVvRiDpRINMafdaHT8IsBj8utPd_192456.exe

    • Size

      2.5MB

    • MD5

      a9496d62cbf86c282c855007aa3b4043

    • SHA1

      af1a3ac4aa1ad87d7f48afa115badec3605e11b0

    • SHA256

      ed2dfa4eeae4a8ebf3aa41dacbe65b54ba24d0c6b55247345c819037afe3be09

    • SHA512

      80ef1d78a946d1a59469d35d243755cfa6aef998df144c24e49d368a996a0b5ca71dfbe7a75fe215d7e102bcbfd0821770fbae944c0d98c432c8f3dc80f7ae9d

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHe3:VQ30goFvKwHQbMpTGFIHe3

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/Qv7F7BJUQxdXm9nQiEDbDybnIHdHB8_343595.exe

    • Size

      2.5MB

    • MD5

      c6205863fdd5aa1c432ca8998e65680f

    • SHA1

      5c42ce9411f6e85858a1abb410136946a703cb40

    • SHA256

      cb942f0f78f1b6b9d2d6c37694b217c9a19d03c0124f827474bad6fcc79e192a

    • SHA512

      83b60063f9dd56255282a6dc70822f55f7504bf123362ffa516fc35f7ea55ba04e75ca5e8a65aeda01af23936a981cfb42f36ebe208b3d30a4b4270ecad37028

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHek:VQ30goFvKwHQbMpTGFIHek

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/T4LQPLErSXulryhem4uQ4QAbpfAZgL_342828.exe

    • Size

      2.5MB

    • MD5

      36649bcef054ce090635f2105e63dd5d

    • SHA1

      ed6aaf4bab85f3f661e8715bc264ae6ebaa14574

    • SHA256

      1304b5975a059c27e2956d8aa4945ee40279a1ef578d23e02be89eb05fe4d870

    • SHA512

      bd97f542b5d87c6eb43451a893f3bb527b814a62b79157e1969c392c007769d22f5c333528cf51a5e80325dc50fbdc0a4301745610606d805ee00f5c1fc91c6d

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHe/:VQ30goFvKwHQbMpTGFIHe/

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/UC4JijktZZpNqtHFPFf6AbUsbAPuLW_287868.exe

    • Size

      2.5MB

    • MD5

      73e87cc6d76aad5451a2fa590abcbd7e

    • SHA1

      3df2b9fda15e3ba179525db15648879368cb1031

    • SHA256

      e5eb8650e4c16ed60d4409f3c4caf27550d2a358229f37cc4aad1cb0d895b0c5

    • SHA512

      61a5a796bb1ca58d36442269835f9dffb0783d94256782327f69e1c11ea9ed72824948bfd953cfd4e654917db96c91ed21a0f0d57ba96b29b0b5cc68d379eabc

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHey:VQ30goFvKwHQbMpTGFIHey

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/WqgNXU5K4wPnsIBxhQG6JeXkPxu9wZ_876009.exe

    • Size

      2.5MB

    • MD5

      87b5eb2820c1fb7c1aa7357de456ad9a

    • SHA1

      f4608d1dd75ef3f1ef6e740a459d4e3b380e9f41

    • SHA256

      57c3714d1e0b1d86bf50fdfa6b4e92dc0c5a6692a39e3b21829b44944a22b73b

    • SHA512

      3e0f6d7ad0964e716f32ec5b88328486d6f018551b3baf320f88696a45b99770fc9a89ff01fd956f3a1f6657ab28d1947373832745e2215503319a24eb87da36

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeY:VQ30goFvKwHQbMpTGFIHeY

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/XElH7OHKbWMiQUDjRkaewp4oy6evYZ_819648.exe

    • Size

      2.5MB

    • MD5

      34e7e8650ae05b0961fbea004e819198

    • SHA1

      75be23602f5d21cd3dbf31515bd6f8728e253653

    • SHA256

      b4cfd644d6fcb8fe5e4890431cdeab5579e46d3b6398f57a6c7b3139ca633274

    • SHA512

      778aff3878d31b58868923cc7a04138ca8d32c3cad35c9334cf27a5fcc88523f62b41dfb5b8c64679064ab788446fcc2d8fd52346937976ea59ffbf04c020256

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeZ:VQ30goFvKwHQbMpTGFIHeZ

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/YfJZ6cyueGSX8fNFuC9lMEz5Mc7pRu_129913.exe

    • Size

      2.5MB

    • MD5

      e656848e99dd265ed2556536281dab44

    • SHA1

      708d0a84d2c068860bb7599dcca2ab2f9536943e

    • SHA256

      19a1fad56fc97dff89b3e78da6aa58d11b325d625cd6fe2736bf24c5c81171e5

    • SHA512

      5e82ca48dc1f1dac87d700e16f6f42e9f80788f468245e050ec8a9c74680c6e1e0dd9731602d39616908ab4ba582960a93a70de21d906473bf936cb67c3dfceb

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHew:VQ30goFvKwHQbMpTGFIHew

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/ZiALmE2W07FOULPcNq4hn3lHtAYRzS_389753.exe

    • Size

      2.5MB

    • MD5

      b1ea57598f5d158119c480d24827d28c

    • SHA1

      8abf804edc16b745515b8abb17979714c4481955

    • SHA256

      1aab4f0366ef6045d93b75812d3f07181ae5f4182a65346bd75004073348d573

    • SHA512

      578e51415a35af5b973b7cf8dfcfeb02afcc5dedadd77a23375ea3c19c30cd4bf85cc8796e1ac330a44904d1f7f33715290e2ec696bcc668709de00435b59322

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeg:VQ30goFvKwHQbMpTGFIHeg

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/j04MjpDguJTg7zkKZ6kXScxHXgi5Gc_751390.exe

    • Size

      2.5MB

    • MD5

      fd848611897630a1add6ef296c66bbad

    • SHA1

      604bef75a2c1534398d5113229eb5f5b19d93b44

    • SHA256

      f4f554d970241f060f1598acc357caec1b9db7a6a3acbabde935acd37dc1150d

    • SHA512

      7cdb768931027def467324fb86c0a3c08783d9b37592b9f64c1ff73fc576e8ad417e401f303341879f616bf9402ba15e4b5215fd44b9124a5309bf46d57518cf

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHen:VQ30goFvKwHQbMpTGFIHen

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/llFIdB78FJ7woex4wNLgKfvv0RnwsC_791083.exe

    • Size

      2.5MB

    • MD5

      e59c3cefe2e7db684a5b06b866664878

    • SHA1

      c4b7020fcf6a7d623618d681ce483233594b2772

    • SHA256

      f7075b84c6945aeb71c5db9ec67e9dd1f757fe0130cd6b9b982facf4c67af25b

    • SHA512

      9316d744eb07fa277764b974b8f7ef9d5159e0991c5c2c9fef8972a347e88fefea4ec2403358613785dde98d8a53fd739929fefb0246804908d3268003aa7d67

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHex:VQ30goFvKwHQbMpTGFIHex

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/ngs5lEYM6AwkvNLObKj9Q34VxXT6n0_857823.exe

    • Size

      2.5MB

    • MD5

      0202951f301b48e7b7d20dd36d386a74

    • SHA1

      becd295fab547e59a63aaba4201463ae9a77882b

    • SHA256

      80f2496b4c4566d0d6d9e10be6614bb73559da24f6364e5e618c851f68d8a98b

    • SHA512

      3ae86b146b5308d89da6bdc132b45f5744ebae27603b948efb5f50dbe16a52fe9713ade69c416dcd6ad320146bda7b42664dbeeca1be5e34c9631368ff4ed1b4

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeV:VQ30goFvKwHQbMpTGFIHeV

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/oZvS9DYOP2SnifshaaszUbeVPg2d6N_889133.exe

    • Size

      2.5MB

    • MD5

      2a04de1eee88f3448bbc8e7f04d96251

    • SHA1

      a44ae27ce51b2e63c950b6d1ed06a05bc2065e72

    • SHA256

      17c7627097975e874c17e5579a7c6b803b0e8e03521c4b7f9a14f874a8b9cfb8

    • SHA512

      466ff6e7cd46478b1c9b6c3cb3ef33734578cf02fa037d8fb3b822b5d9ad439891aa0eb1520add05dee071c4e3c94fe1edbde91cea6adcc1b2bceaede79188df

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHel:VQ30goFvKwHQbMpTGFIHel

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/rWJoKbSTDehykfNbgA6Qp4MWcoesal_416113.exe

    • Size

      2.5MB

    • MD5

      c359a1a04e624e969ab8a2fc8160e9af

    • SHA1

      5697959d8029999056c4ee07469299d1bb97bbda

    • SHA256

      63bd3438f1a21254da956904359a073ee161ad227d3c1223cb094c78fa9ddd0c

    • SHA512

      4f4bcc0dfdbf4bf4af970808ab66370709f5b50142199afdbac6ba7ad3d00c9c8ff14174c08a322c75657056cd7c9ad44c7b4d5eb2bb00584ec5c61fcab822f7

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHe5:VQ30goFvKwHQbMpTGFIHe5

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/s5QNrz2UUhjTJ4WiGpMJ2587e4Q3vg_719213.exe

    • Size

      2.5MB

    • MD5

      6420795ad961bb86bdcb6e02b022149c

    • SHA1

      3de98db2dae63b2d599779771825bb147e408299

    • SHA256

      210ece3396bf161733c017705926334b3049c1d4fed5355c5d84726494fbf1ea

    • SHA512

      661cd208302afedf1fb6017b0d032f428317497899329c2f3e7ec6c69e27ae7794d2a4edae160ddfa8444d2d924e845054dea5a02c9b21942c91fe4f1d864650

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHe7:VQ30goFvKwHQbMpTGFIHe7

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/swBY7rFoRs0zzlfS4h3sIxgDqrXvqY_624670.exe

    • Size

      2.5MB

    • MD5

      9ffa3892e5a23176254e24ce9ad74050

    • SHA1

      ebe979381e86cabdbace741e10aab55e96a5a937

    • SHA256

      99cdfb936a126609afae5c34110e89326db38ac8473bc39d1482d598d12201eb

    • SHA512

      5cf1d831263b37c2d238828d60f49efb6d12a851a1cb026f7eaace6ab57067dbd67f8382a40b5bfe52902ffac51339118a2f2bbb308f652da79c7fcfc5e20eff

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeO:VQ30goFvKwHQbMpTGFIHeO

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/vUgR5kHOCtyOycAbgZqGF3hh5yJUyL_854309.exe

    • Size

      2.5MB

    • MD5

      be1561c5f856d9852329a75b9a236202

    • SHA1

      367853222030d17fc30a2c61d171bc340b9af1e9

    • SHA256

      87706ef65d0c7f03feb5d970183ab3e2e2d9365a15497833dad13cbde552363e

    • SHA512

      e4cd19359b92778292139a50106c4db1f7e6421d1e9b729f4c7de35c7593263f311422ff425f6957a60054f67b2e5b09e3de07c02d740a2442436a861d004c87

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeI:VQ30goFvKwHQbMpTGFIHeI

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/vg0WFypYbJ92oY510TY6SSMowUeiz1_805795.exe

    • Size

      2.5MB

    • MD5

      64347de843bfbe4a329f06576bf12881

    • SHA1

      620be12eadb69967004e32c3c6efe93e48200ef7

    • SHA256

      6faaeddb4085c7beb5ce5c5978fd4df209de1f840c1a474d68792acdba9bad27

    • SHA512

      c740b5ec01a25afaf31cfa7b7b207861e1aaace2062e777b1e64a2e09aff4084cd64626fca9c4dc19b711bee13358a3984d3bbfb492bf8f5d00ac4c48e3d58d9

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeV:VQ30goFvKwHQbMpTGFIHeV

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/vi2OgeX7SWjHNKNojgjtBizpwdveaR_792924.exe

    • Size

      2.5MB

    • MD5

      fdf4f491d123b6d10afdf78f5faf1e11

    • SHA1

      4d1a08eb2b12b912bcbb114fb5bc70c152fc43ca

    • SHA256

      188a3acf2c5f4679ecbbc26fc1511d4df7e17a32e2060af54b7dcac62bca7758

    • SHA512

      94573dc9989a1317e40a146aa69741e47a16e335e8f6209358c4ab551aeda5897fe3c1cad581b6092497de150fcd41e360bcd1f5dc4452c2d8c62ff41a54faa5

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHer:VQ30goFvKwHQbMpTGFIHer

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/x5fl9njKlhz4fcmIKPC5kcPMtkBjNE_323629.exe

    • Size

      2.5MB

    • MD5

      08eb201dd021ca17ad6e5d51f0ed34a1

    • SHA1

      9f5b1af26e7730e3a724b95dc1093364b037b1a2

    • SHA256

      7523c84bbef19f6f869a18dc9b0211c514bd357e57fc072450ff1c82d37df878

    • SHA512

      73fe3e7d527e055688d0f966cbb789b731fd268d238153fb10698db7d80078db4aca045772b4636006fc9b775291321b999d9f0b643e83f3ab844865f721197e

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeb:VQ30goFvKwHQbMpTGFIHeb

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      NewTriage32/zRnttlXrbiJfLA82vGy8r9jr7b8LOg_046788.exe

    • Size

      2.5MB

    • MD5

      c5176cc0621d162c32da1204e484df57

    • SHA1

      6220f3973c1ae0c1964401e8ce0b40eb4d4aef29

    • SHA256

      917486485f6638f9f162d7db4439136ce0fef95f599ef631a2c9161d16e9dc4c

    • SHA512

      93fa135821337c1f7cf07094d9647fbbd125e6f5eb1d352f0b26301316699a7acde4e58d74f49d102b63c7cfc0626c1d32a7de56f7bc61adb6b43d130347dadc

    • SSDEEP

      49152:Kgf5bRKh3xW0yvsohrvKwgsORbI6WtEaFTGFyCTBIHeJ:VQ30goFvKwHQbMpTGFIHeJ

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

Tasks

static1

Score
3/10

behavioral1

xmrigminerupx
Score
10/10

behavioral2

xmrigminerupx
Score
10/10

behavioral3

xmrigminerupx
Score
10/10

behavioral4

xmrigminerupx
Score
10/10

behavioral5

xmrigminerupx
Score
10/10

behavioral6

xmrigminerupx
Score
10/10

behavioral7

xmrigminerupx
Score
10/10

behavioral8

xmrigminerupx
Score
10/10

behavioral9

xmrigminerupx
Score
10/10

behavioral10

xmrigminerupx
Score
10/10

behavioral11

xmrigminerupx
Score
10/10

behavioral12

xmrigminerupx
Score
10/10

behavioral13

xmrigminerupx
Score
10/10

behavioral14

xmrigminerupx
Score
10/10

behavioral15

xmrigminerupx
Score
10/10

behavioral16

xmrigminerupx
Score
10/10

behavioral17

xmrigminerupx
Score
10/10

behavioral18

xmrigminerupx
Score
10/10

behavioral19

xmrigminerupx
Score
10/10

behavioral20

xmrigminerupx
Score
10/10

behavioral21

xmrigminerupx
Score
10/10

behavioral22

xmrigminerupx
Score
10/10

behavioral23

xmrigminerupx
Score
10/10

behavioral24

xmrigminerupx
Score
10/10

behavioral25

xmrigminerupx
Score
10/10

behavioral26

xmrigminerupx
Score
10/10

behavioral27

xmrigminerupx
Score
10/10

behavioral28

xmrigminerupx
Score
10/10

behavioral29

xmrigminerupx
Score
10/10

behavioral30

xmrigminerupx
Score
10/10

behavioral31

xmrigminerupx
Score
10/10

behavioral32

xmrigminerupx
Score
10/10