General
-
Target
a6c42ebfec1bcf601b772e9d686b51c184353429326396d2b6c63834ffc6293b
-
Size
3.6MB
-
Sample
240521-crzmlsfb9v
-
MD5
6584bcffc4e08731137e52f534299ee9
-
SHA1
82c571958154528123ffa3dd3fb70863c84d2dfa
-
SHA256
a6c42ebfec1bcf601b772e9d686b51c184353429326396d2b6c63834ffc6293b
-
SHA512
bbf6f9dd6f37b111431e41a8d7424f0951121e72354ef2f221558514d4f7634e1febef54ac059b1310fe665e4d30ea6b4cc4dde6399ccc740311540a8d0243d6
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWm:7bBeSFkq
Malware Config
Targets
-
-
Target
a6c42ebfec1bcf601b772e9d686b51c184353429326396d2b6c63834ffc6293b
-
Size
3.6MB
-
MD5
6584bcffc4e08731137e52f534299ee9
-
SHA1
82c571958154528123ffa3dd3fb70863c84d2dfa
-
SHA256
a6c42ebfec1bcf601b772e9d686b51c184353429326396d2b6c63834ffc6293b
-
SHA512
bbf6f9dd6f37b111431e41a8d7424f0951121e72354ef2f221558514d4f7634e1febef54ac059b1310fe665e4d30ea6b4cc4dde6399ccc740311540a8d0243d6
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWm:7bBeSFkq
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-