General
-
Target
83d1979057a1e62422937e2d4d533d93b57c3a41dea9ed82358c1c112b6c3ab7
-
Size
1.6MB
-
Sample
240522-crxg9ahd4s
-
MD5
add9abf21113ad239545ed302581ba52
-
SHA1
1cf2a255dfc83c8763f081b6bcdc867721084c9b
-
SHA256
83d1979057a1e62422937e2d4d533d93b57c3a41dea9ed82358c1c112b6c3ab7
-
SHA512
f9c45cdf34f10e0471e44afe94365431621b8943ee1b92de3e476e08cb293d4514e08f9aadcd584efcf125223a7a4860a231868304301058bb2beb4bca66f2a2
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTqaQV/cets/d3:Lz071uv4BPMkFfdk2auTqao/c/9
Malware Config
Targets
-
-
Target
83d1979057a1e62422937e2d4d533d93b57c3a41dea9ed82358c1c112b6c3ab7
-
Size
1.6MB
-
MD5
add9abf21113ad239545ed302581ba52
-
SHA1
1cf2a255dfc83c8763f081b6bcdc867721084c9b
-
SHA256
83d1979057a1e62422937e2d4d533d93b57c3a41dea9ed82358c1c112b6c3ab7
-
SHA512
f9c45cdf34f10e0471e44afe94365431621b8943ee1b92de3e476e08cb293d4514e08f9aadcd584efcf125223a7a4860a231868304301058bb2beb4bca66f2a2
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTqaQV/cets/d3:Lz071uv4BPMkFfdk2auTqao/c/9
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-