General
-
Target
zx.exe
-
Size
5.4MB
-
Sample
230720-3hjsxabf8t
-
MD5
00ddee7f37fc5e215a882fc4087dbddc
-
SHA1
d037493f7241be289fe2bda32463fce91fe1b0ba
-
SHA256
ee29c2f2024806574391a1da48d9e38575cc93f9cbf57c9778e0e9bd7af5c45b
-
SHA512
ea8d2690bd262f7e31491851fad63f1df02e7c898d27b4b6cc17a91862b7209ad198c91793d30370c9a6f0d5c6c46105c4a2b43a9794091b9bff9f089fc48f2b
-
SSDEEP
98304:JSsnkpppRTS1x+fxxPC1NiUySli0QRG3GybVfxSM:J5nwpzgx+5s1MBYQY3Gyhfx
Malware Config
Targets
-
-
Target
zx.exe
-
Size
5.4MB
-
MD5
00ddee7f37fc5e215a882fc4087dbddc
-
SHA1
d037493f7241be289fe2bda32463fce91fe1b0ba
-
SHA256
ee29c2f2024806574391a1da48d9e38575cc93f9cbf57c9778e0e9bd7af5c45b
-
SHA512
ea8d2690bd262f7e31491851fad63f1df02e7c898d27b4b6cc17a91862b7209ad198c91793d30370c9a6f0d5c6c46105c4a2b43a9794091b9bff9f089fc48f2b
-
SSDEEP
98304:JSsnkpppRTS1x+fxxPC1NiUySli0QRG3GybVfxSM:J5nwpzgx+5s1MBYQY3Gyhfx
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Suspicious use of SetThreadContext
-