General
-
Target
e556433b6e310744e037442a65a0b615d5cc82ebfc7e7ee8746f8b09e9b415f7
-
Size
3.3MB
-
Sample
240614-fz7jzazgnl
-
MD5
e7a459d84b4bcbd9a13ffa39b837fc2c
-
SHA1
96d1704b33693c3894ce250decf2b4aa61532160
-
SHA256
e556433b6e310744e037442a65a0b615d5cc82ebfc7e7ee8746f8b09e9b415f7
-
SHA512
3a6d744713051faa94b8afef7b2be32df254ac473e7471cdcbb88841e4665b543f2e15169fb52a248d08e8ec5628951e03fcc17f122b4279feb414c433c8713a
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWq:7bBeSFkO
Malware Config
Targets
-
-
Target
e556433b6e310744e037442a65a0b615d5cc82ebfc7e7ee8746f8b09e9b415f7
-
Size
3.3MB
-
MD5
e7a459d84b4bcbd9a13ffa39b837fc2c
-
SHA1
96d1704b33693c3894ce250decf2b4aa61532160
-
SHA256
e556433b6e310744e037442a65a0b615d5cc82ebfc7e7ee8746f8b09e9b415f7
-
SHA512
3a6d744713051faa94b8afef7b2be32df254ac473e7471cdcbb88841e4665b543f2e15169fb52a248d08e8ec5628951e03fcc17f122b4279feb414c433c8713a
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWq:7bBeSFkO
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-