General
-
Target
abe16975724975af46e7e43e6529120b323c375067e6d4bb2d2f691b6d8a2640
-
Size
3.1MB
-
Sample
240609-hhlx2sfh27
-
MD5
77b1a84b46b473c86c864ce2724f9d5f
-
SHA1
60927036c65ede8aaf47fe98bbe8fd7aca5bc646
-
SHA256
abe16975724975af46e7e43e6529120b323c375067e6d4bb2d2f691b6d8a2640
-
SHA512
38e4ab0dfd528a535af8e5e5a2702042ac662ec78d60299bd5d7e156dd621910990fdace3f62697238cb1406252692bd837da647130c90e2d121438b8ed7fe9e
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWK:7bBeSFkG
Malware Config
Targets
-
-
Target
abe16975724975af46e7e43e6529120b323c375067e6d4bb2d2f691b6d8a2640
-
Size
3.1MB
-
MD5
77b1a84b46b473c86c864ce2724f9d5f
-
SHA1
60927036c65ede8aaf47fe98bbe8fd7aca5bc646
-
SHA256
abe16975724975af46e7e43e6529120b323c375067e6d4bb2d2f691b6d8a2640
-
SHA512
38e4ab0dfd528a535af8e5e5a2702042ac662ec78d60299bd5d7e156dd621910990fdace3f62697238cb1406252692bd837da647130c90e2d121438b8ed7fe9e
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWK:7bBeSFkG
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-