General

  • Target

    379ee119f6deb51ebd2271f03af4a1fddb42de072449b9c2bdfa61cbd0c8883c

  • Size

    1.5MB

  • Sample

    240416-zpqcgscd49

  • MD5

    3cb7f57bb6790fbeaf4e34603abfda71

  • SHA1

    5190acba76f9f0744812d0f39281f7dd36ddd999

  • SHA256

    379ee119f6deb51ebd2271f03af4a1fddb42de072449b9c2bdfa61cbd0c8883c

  • SHA512

    22d1a3a12ddaef9da82ac903d6edbb0e82bbb64791c568371e0fe81627587de71cc0f460cb26baa12cf56933a98f4a538b1b5f366e17e4a39decc49c26a2e321

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkFfkeMlN675EgEPgspmBAAotNnp0blOHx35To:Lz071uv4BPMkFfdg6NsIcX6

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Detects executables containing URLs to the raw contents of a GitHub gist

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks