General

  • Target

    352927fc908d8076d3495e18e8ec8a97cf6bebb9899c40744293fbac17e3b61e

  • Size

    1.8MB

  • Sample

    240710-zzp5gasemc

  • MD5

    38a19a4079becbce31815ba0b92472df

  • SHA1

    78970ddc90f23b4a69e76a021036c1ad760bfcaf

  • SHA256

    352927fc908d8076d3495e18e8ec8a97cf6bebb9899c40744293fbac17e3b61e

  • SHA512

    7fb0d7f4eb48eece802d5cf3ef0e089d1fb65af78ed3b471e72f0945bf7c1a0615a6f8152d42e591a3b94e68f99c98c80718213ce34c35f9f5200737194eea7d

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXH0U:NABh

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1

  • PowerShell (T1059.001): 1

Tasks