General
-
Target
104079d51ee0d3925900189fb7bd13c09ddd8a34ff61628e99ca7922e4ed59c5
-
Size
1.7MB
-
Sample
240527-xlfyjaeb2s
-
MD5
9552bbc49b14b0c451de453e3a9370c6
-
SHA1
b134446078b3f7cf8a5a9bdfff739a900d4be0f2
-
SHA256
104079d51ee0d3925900189fb7bd13c09ddd8a34ff61628e99ca7922e4ed59c5
-
SHA512
3b68458dc8679103ade80e69cc36e9c7b58d91022ce0c5b13f7a3766a8bd723809fbebb6b19f2fa42408c3a8950db0d4db56310a8e3f72619b19f46a14cf24a1
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkiptb8q33F1QeQthKJAc+StNfN3IvGIcveRO8JqU1e:Lz071uv4BPMkivwSbaMYPcyO8GYE4U
Behavioral task
behavioral1
Sample
104079d51ee0d3925900189fb7bd13c09ddd8a34ff61628e99ca7922e4ed59c5.exe
Resource
win7-20240220-en
Malware Config
Targets
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-