General
-
Target
e2460cb7830eedd244e39e99ea2f2df0228b7fa7d4a39266ed902ceba1b2f464
-
Size
1.7MB
-
Sample
240528-ggkg6ahe77
-
MD5
eef332f0d01887072027af163228eb8a
-
SHA1
9be0e84af957ec887f7ec1521ee81c9372766382
-
SHA256
e2460cb7830eedd244e39e99ea2f2df0228b7fa7d4a39266ed902ceba1b2f464
-
SHA512
79cb2a4126fe61805743573258387ae7209b965dd7bdd50d261eb3a6617725411feeef0ab5e8293600effd4443434483c7f36f2427f175f268d9ca8a7de583f4
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupQF4g6FReQwUzN6Rf0O226:Lz071uv4BPMki8CnfZFOzhL
Malware Config
Targets
-
-
Target
e2460cb7830eedd244e39e99ea2f2df0228b7fa7d4a39266ed902ceba1b2f464
-
Size
1.7MB
-
MD5
eef332f0d01887072027af163228eb8a
-
SHA1
9be0e84af957ec887f7ec1521ee81c9372766382
-
SHA256
e2460cb7830eedd244e39e99ea2f2df0228b7fa7d4a39266ed902ceba1b2f464
-
SHA512
79cb2a4126fe61805743573258387ae7209b965dd7bdd50d261eb3a6617725411feeef0ab5e8293600effd4443434483c7f36f2427f175f268d9ca8a7de583f4
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupQF4g6FReQwUzN6Rf0O226:Lz071uv4BPMki8CnfZFOzhL
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-