Overview

overview

10

Static

static

10

s.bat

windows10-ltsc 2021-x64

10

s.bat

windows10-2004-x64

10

s.bat

windows10-ltsc 2021-x64

10

s.bat

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    s.bat

  • Size

    1KB

  • Sample

    241221-sjn4xa1qdy

  • MD5

    ccc7afd46efac5aca2f96dc6c6d757b5

  • SHA1

    981911ae2cf8c85fd9bbb70ea938105617c2aefd

  • SHA256

    35347449c9856b13ee6f4131fc675270c55566881a19cc3d6bc5d2b0709412bb

  • SHA512

    1d336a5827812cd871bdb1459536c5052e4cc50bde82d3e5fd7e474a1488bf55a0763f1d2cac7f6569a2ac6334f066a465cb7b74e52ddbb2d23bd2a31e7b3563

Score
10/10
xmrigexecutionminer

Malware Config

Targets

    • Target

      s.bat

    • Size

      1KB

    • MD5

      ccc7afd46efac5aca2f96dc6c6d757b5

    • SHA1

      981911ae2cf8c85fd9bbb70ea938105617c2aefd

    • SHA256

      35347449c9856b13ee6f4131fc675270c55566881a19cc3d6bc5d2b0709412bb

    • SHA512

      1d336a5827812cd871bdb1459536c5052e4cc50bde82d3e5fd7e474a1488bf55a0763f1d2cac7f6569a2ac6334f066a465cb7b74e52ddbb2d23bd2a31e7b3563

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks