Overview

overview

10

Static

static

10

adivina.exe

windows7-x64

1

adivina.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    adivina.exe

  • Size

    1.1MB

  • Sample

    250130-3cqz2avqhw

  • MD5

    af5da19a79e9e320c95617de8ce637e0

  • SHA1

    67e35d7d633d262f587342afbc508cdf8319d4c8

  • SHA256

    08c2de9da96a9659f95e6165d5edac0fc63d86f352963006fbf0f7942372aca9

  • SHA512

    a03949fb551bb70f71f17045a89b538398ff1018f7ce477670631787df193f297390ad79b15f6bec0bd943aafe4d00d5ef15c450064d8afc12aaa8ad19508d89

  • SSDEEP

    24576:L5WSWbZuFbWHS8Zti1tauerlxK+sf0N8zHM/F0GBP87xaVUhffp10NwyG8:LUSQZuFai3aLrHK+fN8zHM2hf70NwyG8

Score
10/10
xmrigexecutionminer

Malware Config

Targets

    • Target

      adivina.exe

    • Size

      1.1MB

    • MD5

      af5da19a79e9e320c95617de8ce637e0

    • SHA1

      67e35d7d633d262f587342afbc508cdf8319d4c8

    • SHA256

      08c2de9da96a9659f95e6165d5edac0fc63d86f352963006fbf0f7942372aca9

    • SHA512

      a03949fb551bb70f71f17045a89b538398ff1018f7ce477670631787df193f297390ad79b15f6bec0bd943aafe4d00d5ef15c450064d8afc12aaa8ad19508d89

    • SSDEEP

      24576:L5WSWbZuFbWHS8Zti1tauerlxK+sf0N8zHM/F0GBP87xaVUhffp10NwyG8:LUSQZuFai3aLrHK+fN8zHM2hf70NwyG8

    Score
    10/10
    xmrigexecutionminer

    • XMRig Miner payload

      miner

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Drops startup file

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks