Overview

overview

10

Static

static

10

399d976e20...3N.exe

windows7-x64

10

399d976e20...3N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    399d976e2094cb43e90cd4e16e69cfebd9601959971d9de31b68bc0d27107d03N.exe

  • Size

    1.4MB

  • Sample

    241226-ek1bnswpgl

  • MD5

    afa37a91bfe0ef0c7bd8c886f6a2f660

  • SHA1

    372d280325b01857005b21340a336a6f7e92cb28

  • SHA256

    399d976e2094cb43e90cd4e16e69cfebd9601959971d9de31b68bc0d27107d03

  • SHA512

    8c3059e3d3749855836ebc7e4bf5b48402d4d4c9bbdbba905b8496b9f49ec6f7dab26f78abcc4b59c119137dad52d7f959916e96c6245cf96aa7ccdb12f9fb0d

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWYL+t6kw2bPP+TWF:Lz071uv4BPMkibTIA5LDGTP5

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      399d976e2094cb43e90cd4e16e69cfebd9601959971d9de31b68bc0d27107d03N.exe

    • Size

      1.4MB

    • MD5

      afa37a91bfe0ef0c7bd8c886f6a2f660

    • SHA1

      372d280325b01857005b21340a336a6f7e92cb28

    • SHA256

      399d976e2094cb43e90cd4e16e69cfebd9601959971d9de31b68bc0d27107d03

    • SHA512

      8c3059e3d3749855836ebc7e4bf5b48402d4d4c9bbdbba905b8496b9f49ec6f7dab26f78abcc4b59c119137dad52d7f959916e96c6245cf96aa7ccdb12f9fb0d

    • SSDEEP

      24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWYL+t6kw2bPP+TWF:Lz071uv4BPMkibTIA5LDGTP5

    Score
    10/10
    xmrigexecutionminerupx

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks