Overview

overview

10

Static

static

10

9ea524db2a...ac.exe

windows7-x64

10

9ea524db2a...ac.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9ea524db2a385c0ed27c07d6a5e6c284c6af386c050b6c58d08ffc59019f1bac

  • Size

    1.2MB

  • Sample

    250126-cm2w6szmaq

  • MD5

    11e89f8d158bcd69e42c19b90d10900d

  • SHA1

    5a30786d0dd3005a5b565626c148d6685c80c84d

  • SHA256

    9ea524db2a385c0ed27c07d6a5e6c284c6af386c050b6c58d08ffc59019f1bac

  • SHA512

    201f091922d4e16124e5f1f0b1afb1c27245f0cd9614da6ec0d817947d05359a13a8cbe59f367b804b843423c1baab6d5d0ed4957d13dff6281e24d511e82804

  • SSDEEP

    24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszQEMr2xqsAKzLH:GezaTF8FcNkNdfE0pZ9ozttwIRQwJ

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      9ea524db2a385c0ed27c07d6a5e6c284c6af386c050b6c58d08ffc59019f1bac

    • Size

      1.2MB

    • MD5

      11e89f8d158bcd69e42c19b90d10900d

    • SHA1

      5a30786d0dd3005a5b565626c148d6685c80c84d

    • SHA256

      9ea524db2a385c0ed27c07d6a5e6c284c6af386c050b6c58d08ffc59019f1bac

    • SHA512

      201f091922d4e16124e5f1f0b1afb1c27245f0cd9614da6ec0d817947d05359a13a8cbe59f367b804b843423c1baab6d5d0ed4957d13dff6281e24d511e82804

    • SSDEEP

      24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszQEMr2xqsAKzLH:GezaTF8FcNkNdfE0pZ9ozttwIRQwJ

    Score
    10/10
    xmrigminer

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks