General

  • Target

    512415531e7f3ef14143d8ebb3c9fd804bb3a33dd907ac676364c6fabdf99871.zip

  • Size

    211KB

  • MD5

    94d74774b6c0f4b15d365f21ed6f8b65

  • SHA1

    ce974fec2cf84dd0e7154c101267aa87b4916483

  • SHA256

    992418223c75419c5052236a46a7cbb7a4855e5402ede0f2452cf0d7d69df1c4

  • SHA512

    2f6f9b1462f9a76d5880409384ddd518d4b457e4f273a894a0f9d63b009d66c8485435ebb4173f71b41524a50b11a538af916e53bda529739747826faf1c38cf

  • SSDEEP

    6144:FcjEchtp3fKmUVQe3VUYuuafG4XSWZv7p:FOhttKmUie3V2ua6qF

Score
10/10

Malware Config

Extracted

Family

loaderbot

C2

http://ih803741.myihor.ru/cmd.php

Signatures

  • LoaderBot executable 1 IoCs
  • Loaderbot family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 512415531e7f3ef14143d8ebb3c9fd804bb3a33dd907ac676364c6fabdf99871.zip
    .zip

    Password: threatbook

  • 512415531e7f3ef14143d8ebb3c9fd804bb3a33dd907ac676364c6fabdf99871
    .exe windows:4 windows x86 arch:x86

    Password: threatbook

    f34d5f2d4577ed6d9ceec516c1f5a744
