General
-
Target
eb58eb69cdea02f95473c28f00a89afaee617d8dac5c12b79207b7060854f886
-
Size
3.0MB
-
Sample
240605-frnf5afg82
-
MD5
407fa98c52fb17e8de7bf52d74a5a005
-
SHA1
51bf475da39a84932a129d2e7a5e5463821ac263
-
SHA256
eb58eb69cdea02f95473c28f00a89afaee617d8dac5c12b79207b7060854f886
-
SHA512
8dbbc2d2b3f537e69998ee2c1d95f770b05b112e1cc7c2177d75b1197634af47e161270070223f44180d3b9f9e43a8e223ab14e04f5652fc317b23df24173a0b
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWC:7bBeSFku
Malware Config
Targets
-
-
Target
eb58eb69cdea02f95473c28f00a89afaee617d8dac5c12b79207b7060854f886
-
Size
3.0MB
-
MD5
407fa98c52fb17e8de7bf52d74a5a005
-
SHA1
51bf475da39a84932a129d2e7a5e5463821ac263
-
SHA256
eb58eb69cdea02f95473c28f00a89afaee617d8dac5c12b79207b7060854f886
-
SHA512
8dbbc2d2b3f537e69998ee2c1d95f770b05b112e1cc7c2177d75b1197634af47e161270070223f44180d3b9f9e43a8e223ab14e04f5652fc317b23df24173a0b
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWC:7bBeSFku
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-