xmrig | 74544a16f620605e4812a5e1b9615388f2daafe0af8d96060d1d0a289cc3c656 | Triage

Resubmissions

20-12-2024 03:49

241220-edjqcaynaz 10

20-12-2024 03:47

241220-ecbcksymgz 10

Sharing

General

Target

windows.zip
Size

2.3MB
Sample

241220-edjqcaynaz
MD5

211b4a5689086e2706e0121dc39bb0a1
SHA1

08e732aef4f12ac6a6af52602a11ae5ca1781a9a
SHA256

74544a16f620605e4812a5e1b9615388f2daafe0af8d96060d1d0a289cc3c656
SHA512

081c8fc2c69e99192555c069445e8d4ae0dcd370bfc5aa1881d3bf64d6652868f2dd6bf2af6d3412be268b5a692eee16d39707c31b9794f9429ded06b860214c
SSDEEP

49152:tpcCbKqOgA8fN2cSw79tSntVQoEZhsMP28Bs/aDM++HGxZM9V7K:DbOt3t9EHsMPZBs/a5iGfcV7K

Score

10^/10

xmrig execution miner

Malware Config

Targets

- Target
  
  kthmimu.exe
- Size
  
  5.2MB
- MD5
  
  3edcde37dcecb1b5a70b727ea36521de
- SHA1
  
  0f2df3cae00d30300e6958bb9e9cda2758f9b1c9
- SHA256
  
  366b32c15ff2b30da5cafc1407e6dc49aa4bbecffc34c438302022acd1c00b8e
- SHA512
  
  16ec6b58a1d0f3fdbb9940245612aea4a8d6024ca71a9393ad2cc48dabd1575444c0d8d98992217d4526eb830523008d7e4961b3653db842c85f0dec4270d791
- SSDEEP
  
  98304:/RLRLj41OH4wAIOF+kmcIxJr+fx3k/sc37gz+li0pjY3l50XYarT:nj417x3Msc8Kli0JUuXYa3
Score

1^/10
behavioral1
- Target
  
  start.ps1
- Size
  
  2KB
- MD5
  
  2208ff484b710fa97536c08039a5c25c
- SHA1
  
  928c408e0668dd397464901f60ecaf559e9cece3
- SHA256
  
  5504e6eed79410349928af05caf3cbd4a8dc878ca68666dc348dee80dc31bc66
- SHA512
  
  0fd07a3f022438e009e7c9215f8e04643cba4c5ae678cfd4c3bcd9c468cff7ef9c8018622f82deee3ddcc29d62333014a8beff08c1ebee13b0a4f3cb4fbd9c1c
Score

3^/10

execution
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2