Overview

overview

10

Static

static

10

2025-03-30...ig.exe

windows7-x64

10

2025-03-30...ig.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-30_ed796dfc2733d303801d940d1445750a_aspxspy_black-basta_ezcob_xmrig

  • Size

    5.0MB

  • Sample

    250330-tjs9asvjx9

  • MD5

    ed796dfc2733d303801d940d1445750a

  • SHA1

    0c45c1b999eb03f9dbad97b9159e6f97517822ee

  • SHA256

    e763f0ca42c4c7b99da0dfb7271315eaeb9a02b090405193558e2e356177a27c

  • SHA512

    acfcd7904527f9204aa8932a63a0030b69aa728f45c2e0486f9708dc8ac8a84fd4f7a56d0a8bd1950e59784485482596b40ac65d7f1799bf01a278ae871282d2

  • SSDEEP

    98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr8l:zbBeSFkz

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      2025-03-30_ed796dfc2733d303801d940d1445750a_aspxspy_black-basta_ezcob_xmrig

    • Size

      5.0MB

    • MD5

      ed796dfc2733d303801d940d1445750a

    • SHA1

      0c45c1b999eb03f9dbad97b9159e6f97517822ee

    • SHA256

      e763f0ca42c4c7b99da0dfb7271315eaeb9a02b090405193558e2e356177a27c

    • SHA512

      acfcd7904527f9204aa8932a63a0030b69aa728f45c2e0486f9708dc8ac8a84fd4f7a56d0a8bd1950e59784485482596b40ac65d7f1799bf01a278ae871282d2

    • SSDEEP

      98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr8l:zbBeSFkz

    Score
    10/10
    xmrigexecutionminerupx

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks