General
-
Target
NoxiHacks.rar
-
Size
14.1MB
-
Sample
210716-ghwh2qzgte
-
MD5
316d8aa437ddb5dc6b1c8e037cd58437
-
SHA1
0d4ca66b422098d71480561611f273efbabbec60
-
SHA256
b088a4539a2f2b62c871aed0b2fcd47467611c696c3a0c8a4b76135bcc72a78a
-
SHA512
f86ccc976181c7a293a8e4112541eaf8482776a8bff634e4e020b1d30716ba7332b88ecd6fc9a03924a0f85de10ee7933befd6c5adaf7b5432f127d5b125148a
Score
10/10
Malware Config
Targets
-
-
Target
NoxiHacks.exe
-
Size
14.3MB
-
MD5
3ad44261718c2e7c68c6afef218edeb4
-
SHA1
5a8317f1bc52cdaefbf96b0204672b55d50da820
-
SHA256
0f7d4ddc5e189f8d8590a87ddf62b2b35e6b816ce3481047ff6e87eeb2358abf
-
SHA512
10cf70b3fa1ed4f9f0aae4f427d622d8e05e8b1e725b26b027a0ec12de755d9f34d02bef27fa44bb0a46d2ec8d34152f433b245037ffe8740e62326e80873e1c
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner Payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-