General

  • Target

    414305beba961b7d56f372800d944f1a49bfe191b93d45066e718652fdc15f22

  • Size

    3.2MB

  • Sample

    240428-zbbbeagg7v

  • MD5

    25f3765fc76c31e6f971b53c448e2ee7

  • SHA1

    12fde9d410c2d834b54bf6eab0357f5b548f01c6

  • SHA256

    414305beba961b7d56f372800d944f1a49bfe191b93d45066e718652fdc15f22

  • SHA512

    b6ff53c47e7f20b49863b473db5a0e0b927bc33d11b7bd450ed1f75c41776248d607b3414d58588bc7a85d0da219b912c96759e1a3e16a2e2db9948856f82fde

  • SSDEEP

    98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW2:SbBeSFkS

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Detects executables containing URLs to raw contents of a Github gist

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks