General
-
Target
6e6effb5b6869c6436b04ca6837af185ec141c1125d824830329186f86fee79d
-
Size
1.6MB
-
Sample
240527-3gvtsaea6z
-
MD5
96492767a0c2fc4141418c6581738f15
-
SHA1
47ca0d2de33903670162473158f07aa240050d84
-
SHA256
6e6effb5b6869c6436b04ca6837af185ec141c1125d824830329186f86fee79d
-
SHA512
eff6733a19399c366deea4173041f19ddf5d4c16fc745959ee5cd3bd5c6dc3dbce4da3690fcd235d9387de25c703fbaa736e1c04716228722fab8185477c297f
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkFfkeMlN675EgEPgsZLHYm2WVDtdpR1:Lz071uv4BPMkFfdg6NsNtJVlR1
Malware Config
Targets
-
-
Target
6e6effb5b6869c6436b04ca6837af185ec141c1125d824830329186f86fee79d
-
Size
1.6MB
-
MD5
96492767a0c2fc4141418c6581738f15
-
SHA1
47ca0d2de33903670162473158f07aa240050d84
-
SHA256
6e6effb5b6869c6436b04ca6837af185ec141c1125d824830329186f86fee79d
-
SHA512
eff6733a19399c366deea4173041f19ddf5d4c16fc745959ee5cd3bd5c6dc3dbce4da3690fcd235d9387de25c703fbaa736e1c04716228722fab8185477c297f
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkFfkeMlN675EgEPgsZLHYm2WVDtdpR1:Lz071uv4BPMkFfdg6NsNtJVlR1
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-