General
-
Target
63eaf43d556ce27e2c7514732121e3f45b8431064aaf1ff537774e2e807a9a98
-
Size
3.2MB
-
Sample
240609-bb2xcsba9x
-
MD5
33ef0732786c2d71accc333318cd1232
-
SHA1
cca4b9d687fcf098e10d5d83282cb028e611f49c
-
SHA256
63eaf43d556ce27e2c7514732121e3f45b8431064aaf1ff537774e2e807a9a98
-
SHA512
045bea8e111aa9aa342ec92605a7ba5e7f593fd22e60cb42bb10d6557aee978c48e976814c658c12068982e45a22f088fa877638a6e3d5342c03c7fdeeeaa693
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW9:7bBeSFkB
Malware Config
Targets
-
-
Target
63eaf43d556ce27e2c7514732121e3f45b8431064aaf1ff537774e2e807a9a98
-
Size
3.2MB
-
MD5
33ef0732786c2d71accc333318cd1232
-
SHA1
cca4b9d687fcf098e10d5d83282cb028e611f49c
-
SHA256
63eaf43d556ce27e2c7514732121e3f45b8431064aaf1ff537774e2e807a9a98
-
SHA512
045bea8e111aa9aa342ec92605a7ba5e7f593fd22e60cb42bb10d6557aee978c48e976814c658c12068982e45a22f088fa877638a6e3d5342c03c7fdeeeaa693
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW9:7bBeSFkB
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-