xmrig | 9c4dbf2cc6c32c8758338271c02a242a0f1a2b43793bbfec12ee670d8af0e7b1

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_9c4dbf2cc6c32c8758338271c02a242a0f1a2b43793bbfec12ee670d8af0e7b1
Size

8.8MB
Sample

241225-ylabesvqgr
MD5

d70b194cb6be8220feaaef5552b08f0e
SHA1

b78d7a373be8fe19a834e0c06d5c359765adc7d1
SHA256

9c4dbf2cc6c32c8758338271c02a242a0f1a2b43793bbfec12ee670d8af0e7b1
SHA512

2701fbca5bf17d57c58c6ccbea4396a633a3a236522862ae424d02c4f2ab25a67e2c33f0eb2b5e69783b20bf79e9d875081dc880f14e1f3024f1d0db57022aca
SSDEEP

196608:Itk2T23RP5jLIzOTl76xUAeezKNnyTA2qjLCz9r9g:Itk2TgRhh1+eezsSA2Q4Lg

Score

10^/10

xmrig miner

Malware Config

Targets

- Target
  
  yilu_win64/init.bat
- Size
  
  570B
- MD5
  
  5f0b790721e4cfc465796e81fd00bb42
- SHA1
  
  2316b2f6829d53dc68143f9f61df078e9399a16f
- SHA256
  
  31b06750810c7f6c7dd14fb6c3992b8db4dda7697b22ee084fba0f68c3bd4380
- SHA512
  
  d556bfa8617de7070f262809c36d81d8c7e9c751ecab64f07deec9e8fc5029961c249f273558264235bf5d1747e18b8a210203a92a4a24ecc034a0a412e6df5e
Score

1^/10
behavioral1 behavioral2
- Target
  
  yilu_win64/mservice.exe
- Size
  
  8.4MB
- MD5
  
  4fc37473050a221c7a6f38c0d4b40695
- SHA1
  
  efee704c3341dae5c348879961f4c6c2551c003c
- SHA256
  
  8b440442d3dba865de894836dd3ef9bb55b9eefffa688a481e3dbdfd764bfea1
- SHA512
  
  4ed354af8f3238f1871a9185ee0491a507907efd25c8d6abedd8d8b5c7d954746024bf6bf93f63d58c928007c7491ceb86e602ab12c51896067bcc763ee9a236
- SSDEEP
  
  49152:Nco2BFeiUpS8qBYkNglc0TOEmgpgEQaQU7W3q4eWkYHLEcdPrsWsxMXCzW00aqCd:+CibNNgeFmQR3q+/vXCz9sBU0hCyC
Score

1^/10
behavioral3 behavioral4
- Target
  
  yilu_win64/start.bat
- Size
  
  651B
- MD5
  
  6f4b08500983623ed72309776160b6c3
- SHA1
  
  7218de5c1e0084b3d8c769dbef6811f613e3cf52
- SHA256
  
  1de71dc26f5d4cd9d11da4eff601700d340cf99fb0f14176fc8c8e1f7c8bcd7e
- SHA512
  
  270153177855c8483b614879b66025e74a0bec4c1fd9c2a007f32bc39d67290019e5b94e5a1daf92840d6921015ff59f5050655d4b54a03914708adff1118755
Score

1^/10
behavioral5 behavioral6
- Target
  
  yilu_win64/stop.bat
- Size
  
  591B
- MD5
  
  9a00b71d42f4ed27e5aa1714b7e72b7c
- SHA1
  
  ac775885d291868e3b150ac8246942e42882f3de
- SHA256
  
  147be22acd696738965958862ed6049b13814e2edae89e3d75ffe3b3e86bbda7
- SHA512
  
  c0165e0ab11b35aaf04dc12fad7be557602dae0d9ca183607110362f0177f9892189af478fdebc316b6a46f14d5b67925acc00698d43e788f6324b4e44d0e903
Score

1^/10
behavioral7 behavioral8
- Target
  
  yilu_win64/work/protecta/OpenCL.dll
- Size
  
  63KB
- MD5
  
  9c70f52eb50eabfb7ff713437a8d9a21
- SHA1
  
  edbaeebb72b890f05f295a53ee41cd1c2ecd46ed
- SHA256
  
  aaf654c4779bb94adb94819a18ad4e7db9500e4875e1b2e5c24014cef6036625
- SHA512
  
  b0bd9d615a2fac19e2782a8d7133fe4fcbd7379c1d958cd7a3318d24843e84eb054d5b7a25818d91f0b2542ccdfb83168be8ca54895f10798f4a23452256e3f3
- SSDEEP
  
  1536:AuxSIRwTjbyMwAns1FGWeBvAUsv7PKsTD6:lNwTjbypAns1FG9xO7PKsTD6
Score

1^/10
behavioral10 behavioral9
- Target
  
  yilu_win64/work/protecta/protecta.exe
- Size
  
  4.2MB
- MD5
  
  c26f58bd560a7c3c743b03bfd43d65db
- SHA1
  
  f48676b6f25808fbcccacb1bb7dac669fdbf67c3
- SHA256
  
  c1abc93fd50dbf419b71534b8d77f390186843ecab21c33808e73fe84cef2079
- SHA512
  
  2308a7e4d2899f331bbe66f14c78c2533320965951085b4854c7c1211e81c78757270256f115ffa7d7993862683ff2856764ebfa24f3f288cfbdf7a784f57d31
- SSDEEP
  
  98304:zqKd+UB+FiS9HJ9Pzs1r6PIVeVlVzZuEvVsXTkcIAs96cqWxbhfGtj/PvHpWHXj:zhVBMiYHJ9Pzs1rfHs3j
Score

1^/10
behavioral11 behavioral12
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-convert-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  c0eab1b65bf0dfe39fa445e8917201a8
- SHA1
  
  782712643e5315a203ee8cac9343f9525e48d33b
- SHA256
  
  32043f7edd059c818e4c095efc6bdfb23add74ebf3439b1ae0e499986be6633d
- SHA512
  
  d4aee96c20723b97f6baffd8d5f707c738c082ab1c011ef3ab38061e05511ad33ccbb92ed39c6d4a659111af8d8f41c4c3368745c7ac3ee6a9c902ecf97c8611
- SSDEEP
  
  192:llUcyh4WmuFhWrzBODBQABJ/vez3FTOqnajUEomSKdLCg:3Dyh4WLhWoDBRJo3ol3So5
Score

1^/10
behavioral13
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-environment-l1-1-0.dll
- Size
  
  11KB
- MD5
  
  078e3162ac06af38a06e1a36e70ec112
- SHA1
  
  487e80d7e3a4bef2610edfb58a348687af8e5154
- SHA256
  
  4dc2257e893f188c6f5a2a0e4a4c05bec57f473bb24434b21ccee251d7085425
- SHA512
  
  9f0e85144b8a00c5ba628d81d8b17b9ec8824ba7718b23fa159850c168ead18ea3edc763b6a7f1d3c53b6ac65281e3384262afeeede9a673a63d3a3e0dc26d41
- SSDEEP
  
  192:9+WmuFhWmzBODBQABJiaIOqnajUEomSKdLCevi1:wWLhWFDBRJbRl3Soc1
Score

1^/10
behavioral14
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-filesystem-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  d40c9b7aed6d39c70d8fa880265bc943
- SHA1
  
  fad038efa560b97015434f82aba5539f233785e1
- SHA256
  
  2ed80e0d8468d52817d318de5756dc3660d8b2a08ddde45f86c899a53866d175
- SHA512
  
  0088e681b0b5d7b619d31d1900956dbf2950ac7ca7a855d0f1f4034f4c76ef1ce2c010c7e73b64ee2d101b8590a2e57d13d92aaa93d911138f4e27a040b908fd
- SSDEEP
  
  192:X881nWlC0i5CmoWmuFhWVzBODBQABJtZqnajiPNQV0X:X881nWm5C1WLhWODBRJtZlgeV0X
Score

1^/10
behavioral15
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-heap-l1-1-0.dll
- Size
  
  12KB
- MD5
  
  94c070298f2b99b1804a9d658da502de
- SHA1
  
  401d4c434c646e59f3eb35e0fc7c68c888804025
- SHA256
  
  bb10975c006f02f6b4837784425bcee846899896eb1ebc11373d67f18a62a49a
- SHA512
  
  3a07eace2fc3e9bd644857ad6af59e713bd557b500fb1840762f621940feeb6437494aa675b197d5a0e52b2f24811335c4761ae1f480985872abcc4987f1f034
- SSDEEP
  
  192:JCY17aFBRMWmuFhW8zBODBQABJq11qnajnp+MVQ/WwFv:pdWLhWfDBRJqPldBQewFv
Score

1^/10
behavioral16
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-locale-l1-1-0.dll
- Size
  
  11KB
- MD5
  
  2913bc358d2c4feb206bb26579416ba7
- SHA1
  
  99cf5a1a417ac5165650e2ae000b10c640642a58
- SHA256
  
  8798bd021c3234462058510785b752e1b2658da7be559b8cc8f7fcb421a39fbb
- SHA512
  
  ae6b64450ae9a085bf1f0c2068cfa109d316740ca0299ba67ee8a6462e96723144798e149b22bcc591003a14bfe8ecde8b8a5839442df0bf33ea21f6a077fce1
- SSDEEP
  
  192:zZ96WmuFhW3zBODBQABJaqnajjpxfpAu7/ET:zZ96WLhWMDBRJalB/Au7/ET
Score

1^/10
behavioral17
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-math-l1-1-0.dll
- Size
  
  20KB
- MD5
  
  d4345b4a487b979c31a23efea6418d21
- SHA1
  
  a98db042afd71ecffe8ce4f8460d0f0d779b541e
- SHA256
  
  214271b59e8fa9af76bf967a2c03410b1f9dae1f70daa2dd78bb6fe7176bd3b5
- SHA512
  
  c09343394b84eab7f4550c6ad5ee63e39e53a5c265db6bade64ff60ede2509a1552093f502e4e1a17c2be3e175a65ef931d29d217b7728def7a2bc112fe1d3d1
- SSDEEP
  
  384:MZVacWM4Oe59Ckb1hgmLk1WLhWjDBRJOylgeV:MZVJWMq59Bb1jk+81Pl
Score

1^/10
behavioral18
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-multibyte-l1-1-0.dll
- Size
  
  19KB
- MD5
  
  bada49558455d90020a0e09376edce56
- SHA1
  
  95af89443a615f7d38cb5c20d6986f01a1a860ac
- SHA256
  
  d2ca37a8015cc9602362f219dd85079f6095a667b87d7420a941493e43c76b6f
- SHA512
  
  58505889fda9c3f930df9d750632a09339cf2694c9abceed15d36f7e65fdc86133574c140f5ef514062f192aca5ffad830de14bf9dfabf816ebf07c36798dfd5
- SSDEEP
  
  384:6ngF7vLPmIHJI6/CpG3t2G3t4odXL71WLhWCDBRJ9I0lJRC:6Q/PmIHJI61+x1P9IIw
Score

1^/10
behavioral19
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-runtime-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  3ff8d5691ccfb6df18b19e9cbf40c9a7
- SHA1
  
  a662d7165c92800e7644338e935685e023608b81
- SHA256
  
  54e0b41fb454922eb541223ff155534dadacef37f7da0f16d5685ba27ae13ef6
- SHA512
  
  fd785586dee5390d424df8b88b99be6389653f04a05255e53bbcdeefb9e96e6ea74c6104e45179b33128d6457afdf5ddf5847db76fcd3a40bead7267e3dc77e7
- SSDEEP
  
  192:an9rMUnaPrpJhhf4AN5/KizWmuFhW/zBODBQABJZRdqnajiPNQV9:aC42r75WLhW0DBRJhlgeV9
Score

1^/10
behavioral20
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-stdio-l1-1-0.dll
- Size
  
  17KB
- MD5
  
  f2284b143d4ab8dbfa15fbcd6b162dec
- SHA1
  
  99af5ad9914f45624d97162bf1cd50f8ac59a32e
- SHA256
  
  156b19feec303b5ea5755969b9e652ed946f46e173f13987fe8ab6ca558b9bcf
- SHA512
  
  e3365e5e2842ddbae4b93da7b3d1bde50d6dbd5062bdfbcce24027b078fac29eb40ca7e97dd79b9bee234731c0cb6a7f593b114ae2a22915c652890d2496a1d8
- SSDEEP
  
  192:brjrvIDmMSNuWYFxEpah2WmuFhW1zBODBQABJSXZ3qnajBdrLGXKR:/3vAmiFVh2WLhWuDBRJSXFlXGXK
Score

1^/10
behavioral21
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-string-l1-1-0.dll
- Size
  
  17KB
- MD5
  
  13156ebd3b32db18bdade26fe6230205
- SHA1
  
  fb9173d2eb781630ce2edba26388ed5bff2b882d
- SHA256
  
  84c3bf49d25e33f5c2cc0efc73f7beb9791d1e969d5512591ec6cc8e8678e2de
- SHA512
  
  332cdd71222901bbb584bc6fb1dd4cfc278d966c58740709ac076331f3a88abd0f750dd6a5c40e76eb1253d08290d9278f95668a15c2553c7d1b6900f42c1cda
- SSDEEP
  
  384:aJNx0C5yguNvZ5VQgx3SbwA7yMVIkFGlPWLhW1DBRJLXBlJRaR:M75yguNvZ5VQgx3SbwA71IkFb+1PT9Q
Score

1^/10
behavioral22
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-time-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  16e8b82153c6c7790e252b9f73902ae5
- SHA1
  
  016aa2091cfed16c8b632639924d5590bd58aa93
- SHA256
  
  98f2a63522c117aae07bb6527a03d356400fffa3e62b61bc87f698cd6d1bcdc5
- SHA512
  
  a5b5327d5d974d91866f719b38adfb146660296f3687db6a8076089d901a0d11f45f02c76778061eda3204039b2e3b3589ee7f8b2e45498cf3d2af63e29702ce
- SSDEEP
  
  192:5nxuO/z7kzFD4WmuFhW0zBODBQABJuOqnajUEomSKdLC0:5nxPEzOWLhW3DBRJrl3SoF
Score

1^/10
behavioral23
- Target
  
  yilu_win64/work/protecte/api-ms-win-crt-utility-l1-1-0.dll
- Size
  
  11KB
- MD5
  
  11532383c4b0958646430586746c6991
- SHA1
  
  e5daeb946e67899632e405801a8cc0d8693f24d4
- SHA256
  
  7dfdbe5dbe3b944d1b8d6d722c90877292231508fc6c2bd6730588207230d322
- SHA512
  
  9e70f085ab83e594ced9bd585ac114f27437dd10a9739ad6a4e0a0a5c896cc79d39fb731feae02d25bff67229c74c5d0ff5558c009c07ec364185e3b7471a395
- SSDEEP
  
  192:SBfHQduAWmuFhW9zBODBQABJcI06qnaj87X/fMCXWW:SBfaWLhW2DBRJ7lJRW
Score

1^/10
behavioral24
- Target
  
  yilu_win64/work/protecte/msvcp140.dll
- Size
  
  618KB
- MD5
  
  9ff712c25312821b8aec84c4f8782a34
- SHA1
  
  1a7a250d92a59c3af72a9573cffec2fcfa525f33
- SHA256
  
  517cd3aac2177a357cca6032f07ad7360ee8ca212a02dd6e1301bf6cfade2094
- SHA512
  
  5a65da337e64ea42bcc461b411ae622ce4dec1036638b1e5de4757b366875d7f13c1290f2ee345f358994f648c5941db35aa5d2313f547605508fd2bcc047e33
- SSDEEP
  
  12288:eNQSZJrC30ovvjPo9E/YZt4QEKZm+jWodEEV2qwcg5MpccRwLM:0Z2jPo96QEKZm+jWodEEYqwcg5Mpck9
Score

1^/10
behavioral25 behavioral26
- Target
  
  yilu_win64/work/protecte/protecte.exe
- Size
  
  5.3MB
- MD5
  
  4af00e804a3f76842ea6f4f3f25341b8
- SHA1
  
  41c1b6aabc3c86059b518b6fd327aefd38493a11
- SHA256
  
  ea41c31aec0370398afcc728c508180e29300581a6a38bdcc8d3028907359ceb
- SHA512
  
  0f707a32337867fc018752b4a26753602323fc0f73d87c397a11a39616ea89fda85f376d8567d9aa0a6de81a8f34efdc5cef87226cd7ff66ec72bda1edf2c83c
- SSDEEP
  
  49152:wWe72AVXCTlqXLh+joC8RL+xfyv4Hk16TlfcmtTOK7cFxeJ5uOKWkV:IXCTlqXLh+joC8RL+khMiGrw
Score

1^/10
behavioral27 behavioral28
- Target
  
  yilu_win64/work/protecte/vcruntime140.dll
- Size
  
  85KB
- MD5
  
  edf9d5c18111d82cf10ec99f6afa6b47
- SHA1
  
  d247f5b9d4d3061e3d421e0e623595aa40d9493c
- SHA256
  
  d89c7b863fc1ac3a179d45d5fe1b9fd35fb6fbd45171ca68d0d68ab1c1ad04fb
- SHA512
  
  bf017aa8275c5b6d064984a606c5d40852aa70047759468395fe520f7f68b5452befc3145efaa7c51f8ec3bf71d9e32dbd5633637f040d58ff9a4b6953bf1cbf
- SSDEEP
  
  1536:6iOTTyN9d/mqN5fomseOpLZ5UP4nlf9ecbtGgcvg9EBIN:6DIVzgx5UAecbt4g9EuN
Score

1^/10
behavioral29 behavioral30
- Target
  
  yilu_win64/work/protectn/nvrtc-builtins64_80.dll
- Size
  
  9.1MB
- MD5
  
  e89a5b561ed725f8fda4ded2b884bd26
- SHA1
  
  df6f8c0f9ca31cc30dac91592049c88843ea0968
- SHA256
  
  0b43a8d5505e828fab51954476991159c1b3d540c4502614d3eb95e6ab5790f2
- SHA512
  
  dec3c9922234a3334f289c00b02beeccb01fae889a74213169aa75256d5be084c1b98c5010d7e5779f7b9b3969fa70d02062b66d267f3e95fff9d6b0671de26c
- SSDEEP
  
  49152:d/VmoMzVbxHifdz7coMzCbVbSz7WoMzVb2Hv4e+JSoMzCbVbSz74g:dQbIF7/bVO7ybKGJZbVO74g
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32