General
-
Target
029fd6a3510aab486c143ef645344ce2_JaffaCakes118
-
Size
1.8MB
-
Sample
240427-g6az1sch78
-
MD5
029fd6a3510aab486c143ef645344ce2
-
SHA1
3feee81fc2885e5a8312ac31503e98ee367ef580
-
SHA256
467771d19b2aecdd8b24987b3546b851cd6ef547c05b30a3333f2f9fa5b838ed
-
SHA512
fd40722daa6adde71c5eb1c675af4380071c37009d8dce2d474453ce8561ca8a1e97a896ace63cd2fb34a1d01b04617359afa65008c03da7151e9cce31fcfe61
-
SSDEEP
49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SflDrlf:NABk
Malware Config
Targets
-
-
Target
029fd6a3510aab486c143ef645344ce2_JaffaCakes118
-
Size
1.8MB
-
MD5
029fd6a3510aab486c143ef645344ce2
-
SHA1
3feee81fc2885e5a8312ac31503e98ee367ef580
-
SHA256
467771d19b2aecdd8b24987b3546b851cd6ef547c05b30a3333f2f9fa5b838ed
-
SHA512
fd40722daa6adde71c5eb1c675af4380071c37009d8dce2d474453ce8561ca8a1e97a896ace63cd2fb34a1d01b04617359afa65008c03da7151e9cce31fcfe61
-
SSDEEP
49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SflDrlf:NABk
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-