General
-
Target
7b8fc317d2c238a5948a15cc9e97244efa4500e2d454806b7087d0054d2fcbb3
-
Size
823KB
-
Sample
240627-29z4jazfkl
-
MD5
ec26fb7fae2471ab4a66628e8b574c6e
-
SHA1
03b46cd21ad2fffe08c34694340da97d1c7fcf59
-
SHA256
7b8fc317d2c238a5948a15cc9e97244efa4500e2d454806b7087d0054d2fcbb3
-
SHA512
ba9cdf50ff309aa8d4e07730fe29ed5a00356cf9bc8fd5b2f536816826193509529f56ca24cff496b3502fbfb709e69f8a37a5a9442a9498022433121ff4482e
-
SSDEEP
12288:UuqZ0GO3/fTn5rPtFDO5BTVo2hZiavoQFNc6E4PUwgsF+FCf9jGkxBi8+H1pY:zv3/fTLF671TilQFG4P5PMCfZZd+HjY
Malware Config
Targets
-
-
Target
7b8fc317d2c238a5948a15cc9e97244efa4500e2d454806b7087d0054d2fcbb3
-
Size
823KB
-
MD5
ec26fb7fae2471ab4a66628e8b574c6e
-
SHA1
03b46cd21ad2fffe08c34694340da97d1c7fcf59
-
SHA256
7b8fc317d2c238a5948a15cc9e97244efa4500e2d454806b7087d0054d2fcbb3
-
SHA512
ba9cdf50ff309aa8d4e07730fe29ed5a00356cf9bc8fd5b2f536816826193509529f56ca24cff496b3502fbfb709e69f8a37a5a9442a9498022433121ff4482e
-
SSDEEP
12288:UuqZ0GO3/fTn5rPtFDO5BTVo2hZiavoQFNc6E4PUwgsF+FCf9jGkxBi8+H1pY:zv3/fTLF671TilQFG4P5PMCfZZd+HjY
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Detects executables containing URLs to raw contents of a Github gist
-
UPX dump on OEP (original entry point)
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-