General
-
Target
793c0268d38b516e059d6b365bfff5b8fc4235a2b64cfbc0942ef1faf54f38ec
-
Size
1.4MB
-
Sample
240607-bz2lhafd4v
-
MD5
1b08bcee5c8209f3f4e92f4f950dc3b7
-
SHA1
bccdfbdb33b2aa4ca3379cf301e8f348326f9c6e
-
SHA256
793c0268d38b516e059d6b365bfff5b8fc4235a2b64cfbc0942ef1faf54f38ec
-
SHA512
3fc94168b814c978c9f785aae007d953215a7ddd36e8a37d466642b73b50d2064befcc7d9b0114d4383be58501836e17c853d780b125fb2d2adda0f019919a54
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkUCCWvLEvjhnXwx8/2Pbx/mbGRJpsHE0Q:Lz071uv4BPMkHC0IlnASEx/RHpgQ
Malware Config
Targets
-
-
Target
793c0268d38b516e059d6b365bfff5b8fc4235a2b64cfbc0942ef1faf54f38ec
-
Size
1.4MB
-
MD5
1b08bcee5c8209f3f4e92f4f950dc3b7
-
SHA1
bccdfbdb33b2aa4ca3379cf301e8f348326f9c6e
-
SHA256
793c0268d38b516e059d6b365bfff5b8fc4235a2b64cfbc0942ef1faf54f38ec
-
SHA512
3fc94168b814c978c9f785aae007d953215a7ddd36e8a37d466642b73b50d2064befcc7d9b0114d4383be58501836e17c853d780b125fb2d2adda0f019919a54
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkUCCWvLEvjhnXwx8/2Pbx/mbGRJpsHE0Q:Lz071uv4BPMkHC0IlnASEx/RHpgQ
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-