General
-
Target
a75ffcfe39123c7c7ff19bc9f34b03f9dd9b0f34d658a118fba82e70270add64
-
Size
3.2MB
-
Sample
240523-bvzaksgg73
-
MD5
0cbc9635a1f5fed346db2827c09d9e79
-
SHA1
39a122ac6841ee7ce63caef955c8867d803004d3
-
SHA256
a75ffcfe39123c7c7ff19bc9f34b03f9dd9b0f34d658a118fba82e70270add64
-
SHA512
23a78f446db1c9707f2d38e001127cbdd694b738f8b0641ae9f12adc008c6b6aa69f9d60789a3c69387f8b6ff6134b43346debf91dfc3de6bc2cf8a79a20e0ef
-
SSDEEP
98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWu:SbBeSFkK
Malware Config
Targets
-
-
Target
a75ffcfe39123c7c7ff19bc9f34b03f9dd9b0f34d658a118fba82e70270add64
-
Size
3.2MB
-
MD5
0cbc9635a1f5fed346db2827c09d9e79
-
SHA1
39a122ac6841ee7ce63caef955c8867d803004d3
-
SHA256
a75ffcfe39123c7c7ff19bc9f34b03f9dd9b0f34d658a118fba82e70270add64
-
SHA512
23a78f446db1c9707f2d38e001127cbdd694b738f8b0641ae9f12adc008c6b6aa69f9d60789a3c69387f8b6ff6134b43346debf91dfc3de6bc2cf8a79a20e0ef
-
SSDEEP
98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWu:SbBeSFkK
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-