General
-
Target
b84ebc7bda71df9dabb1729154d970d0b271d745bfeb913c75cc0788993f6df9
-
Size
1.6MB
-
Sample
240507-az5gqade48
-
MD5
e9c86d2266e5d91cec33176d8d99f01f
-
SHA1
ba38f2849a83b2731ac7e7212621aa0ee621b8e4
-
SHA256
b84ebc7bda71df9dabb1729154d970d0b271d745bfeb913c75cc0788993f6df9
-
SHA512
fcfe963c60ea7ba9811f55a019c2a50dc30b40f257c42b846908009c4f793d09b33e57232e0839018335a9c3803e2afe28b8af6c8448bf81a345a6af60b54f42
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkiptb8q33F1QeQthKJAc+StNfNuUv6asiRIc:Lz071uv4BPMkivwSbaMrac
Malware Config
Targets
-
-
Target
b84ebc7bda71df9dabb1729154d970d0b271d745bfeb913c75cc0788993f6df9
-
Size
1.6MB
-
MD5
e9c86d2266e5d91cec33176d8d99f01f
-
SHA1
ba38f2849a83b2731ac7e7212621aa0ee621b8e4
-
SHA256
b84ebc7bda71df9dabb1729154d970d0b271d745bfeb913c75cc0788993f6df9
-
SHA512
fcfe963c60ea7ba9811f55a019c2a50dc30b40f257c42b846908009c4f793d09b33e57232e0839018335a9c3803e2afe28b8af6c8448bf81a345a6af60b54f42
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkiptb8q33F1QeQthKJAc+StNfNuUv6asiRIc:Lz071uv4BPMkivwSbaMrac
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-