General
-
Target
d6c22d172c0502eca13836c7c8bf34c7f6fe13cd2d883ce3ea12a1fcd392e5d3
-
Size
3.3MB
-
Sample
240522-jzze5shc3w
-
MD5
043ac75bfd06c4d77da8530476352b52
-
SHA1
0509683ec7da10c9cb3efdd6ebcc8f37da706348
-
SHA256
d6c22d172c0502eca13836c7c8bf34c7f6fe13cd2d883ce3ea12a1fcd392e5d3
-
SHA512
226839a51c08f06fd27e75e7445d6e130a234e2915ac38bb2a152bcb88dcfde806d468a978957c953fac1bb04fea123590333e5b65089d2cf305e98dfc82d4fa
-
SSDEEP
98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWX:SbBeSFk7
Malware Config
Targets
-
-
Target
d6c22d172c0502eca13836c7c8bf34c7f6fe13cd2d883ce3ea12a1fcd392e5d3
-
Size
3.3MB
-
MD5
043ac75bfd06c4d77da8530476352b52
-
SHA1
0509683ec7da10c9cb3efdd6ebcc8f37da706348
-
SHA256
d6c22d172c0502eca13836c7c8bf34c7f6fe13cd2d883ce3ea12a1fcd392e5d3
-
SHA512
226839a51c08f06fd27e75e7445d6e130a234e2915ac38bb2a152bcb88dcfde806d468a978957c953fac1bb04fea123590333e5b65089d2cf305e98dfc82d4fa
-
SSDEEP
98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWX:SbBeSFk7
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-