General
-
Target
980aaea07a94cde50210fd2d872dac1e36c9a5ce5333d610a941e0da1c350123
-
Size
3.2MB
-
Sample
240522-eamb3abb31
-
MD5
4433be868c4ff3b916913c10ba989510
-
SHA1
65d74972fc657b0dbf72463cd801554f6713a693
-
SHA256
980aaea07a94cde50210fd2d872dac1e36c9a5ce5333d610a941e0da1c350123
-
SHA512
125629898649827796965bbc00bf6fe61d6980aaa68f6b527a13fdd6a98536de07cf460481e4f96b40608b422694ee292fc6dbe0a27c746250734f0f42fea67e
-
SSDEEP
98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWT:SbBeSFk3
Malware Config
Targets
-
-
Target
980aaea07a94cde50210fd2d872dac1e36c9a5ce5333d610a941e0da1c350123
-
Size
3.2MB
-
MD5
4433be868c4ff3b916913c10ba989510
-
SHA1
65d74972fc657b0dbf72463cd801554f6713a693
-
SHA256
980aaea07a94cde50210fd2d872dac1e36c9a5ce5333d610a941e0da1c350123
-
SHA512
125629898649827796965bbc00bf6fe61d6980aaa68f6b527a13fdd6a98536de07cf460481e4f96b40608b422694ee292fc6dbe0a27c746250734f0f42fea67e
-
SSDEEP
98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWT:SbBeSFk3
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-