General

  • Target

    Fatality.zip

  • Size

    2.1MB

  • Sample

    250125-cj6qys1par

  • MD5

    3499106b4d37b5ed4feb89571e4000c7

  • SHA1

    ce75e91831893cdab90c10a53a3eeeae12019e7e

  • SHA256

    30df645529882a9bc059d0919f005fecba6b80561dfae9e9952824a776331d3d

  • SHA512

    7c190a238980eb955a0564ac9ed4cc71594d68cfc8fef044a58edb7bdf52c29c9695625524628a7e65db36c04cd984fa3f7bbe63ae7a088290439d926e8ee482

  • SSDEEP

    49152:iH6MZPEGZ5iXFfZMStKxAJkuGJ3L67o45Wb:26MJ/ZihUSi3Qo45Wb

Score
10/10

Malware Config

Targets

    • Target

      Fatality.exe

    • Size

      2.1MB

    • MD5

      ab637a979ba3f9e64730d0d64bf55dc7

    • SHA1

      2701c106d3b66aa75852f82dfadef0c791e7bc87

    • SHA256

      f43db369e0af2af2f1b0abb8da9963e79f21c724b65d2a59db67ca5e4379fb19

    • SHA512

      120c9af2442d107d38bde79f80445bff0862e7dde6aa8c3388f0a69061588b0baee10e4ac9cfffcdb25728823e388bc6487e2fe447c758e4dd22d4168c8b7165

    • SSDEEP

      49152:r6yNBEGdFePFvVY09GPY9YuQHz/ITi4Na:r6yv/dcbY6YzQi4Na

    Score
    10/10
    • Xmrig family

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Suspicious use of SetThreadContext
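    The PowerShell signature above describes the sample adding Windows Defender exclusions so the miner is never scanned. The following detection logic is an added example written for this page; it is not part of the sandbox report or of the XMRig project. It assumes log lines in the shape of Windows Event ID 4104 (PowerShell script block logging) and Defender Event ID 5007 (configuration change); every sample line below is constructed, including the base64 -EncodedCommand, and the field layout is an approximation of the real event text rather than a verbatim export.

```python
"""Flag PowerShell activity that adds Windows Defender exclusions.

Added example, not code from the analysed sample or the sandbox. Input lines
are constructed to resemble Event ID 4104 (script block text) and Defender
Event ID 5007 (configuration change) records; the exact field layout of real
exports differs and would need a proper parser in production.
"""
import base64
import re
from typing import Iterable, List, Optional, Tuple

# Cmdlets that change Defender preferences, and the exclusion parameters that
# widen Defender's blind spots when passed to them.
EXCLUSION_CMDLETS = re.compile(r"\b(Add|Set)-MpPreference\b", re.IGNORECASE)
EXCLUSION_PARAMS = re.compile(r"-Exclusion(Path|Extension|Process)\b",
                              re.IGNORECASE)
# Registry subkeys Defender writes when an exclusion lands (seen in 5007 text).
EXCLUSION_REG = re.compile(
    r"Windows Defender\\Exclusions\\(Paths|Extensions|Processes)\\",
    re.IGNORECASE)
# -EncodedCommand and its short aliases, followed by a base64 blob.
ENCODED_CMD = re.compile(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]{16,})",
                         re.IGNORECASE)


def decode_encoded_command(line: str) -> str:
    """Append the decoded -EncodedCommand (base64 of UTF-16LE) if present."""
    m = ENCODED_CMD.search(line)
    if not m:
        return line
    try:
        decoded = base64.b64decode(m.group(1)).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return line  # malformed blob: keep the raw line, still inspect it
    return f"{line} [decoded: {decoded}]"


def classify(line: str) -> Optional[str]:
    """Return a verdict for a suspicious line, or None if nothing matched."""
    text = decode_encoded_command(line)
    if EXCLUSION_CMDLETS.search(text) and EXCLUSION_PARAMS.search(text):
        kinds = sorted({k.lower() for k in EXCLUSION_PARAMS.findall(text)})
        return "defender_exclusion_via_powershell:" + ",".join(kinds)
    if EXCLUSION_REG.search(text):
        return "defender_exclusion_registry_change"
    return None


def scan(lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Run classify() over log lines; return (verdict, line) pairs for hits."""
    hits = []
    for line in lines:
        verdict = classify(line)
        if verdict:
            hits.append((verdict, line))
    return hits


# Constructed sample log (hypothetical values, not from the sample). The encoded
# command is built here so the base64 is guaranteed to be well formed.
_ENCODED = base64.b64encode(
    "Add-MpPreference -ExclusionProcess 'xmrig.exe'".encode("utf-16-le")
).decode("ascii")

SAMPLE_LOG = [
    "4104 ScriptBlockText: Add-MpPreference -ExclusionPath 'C:\\ProgramData\\svc'"
    " -ExclusionExtension '.exe'",
    "4104 ScriptBlockText: Get-MpPreference | Select-Object ExclusionPath",
    "4104 ScriptBlockText: powershell.exe -nop -w hidden -enc " + _ENCODED,
    "5007 Windows Defender Configuration has changed. Old value: New value: "
    "HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Processes\\xmrig.exe"
    " = 0x0",
    "4688 New process: C:\\Windows\\System32\\notepad.exe",
]

if __name__ == "__main__":
    for verdict, line in scan(SAMPLE_LOG):
        print(f"{verdict}\t{line[:80]}")
```

    Pairing the 4104 rule with the 5007 rule matters: script block logging can be disabled or bypassed by the attacker, while the Defender configuration-change event is emitted by the product itself regardless of which tool added the exclusion.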

MITRE ATT&CK Enterprise v15

Tasks