Overview

overview

10

Static

static

10

2025-04-07...ig.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-04-07_544565fd5c6e909866eeb0de280ac48c_black-basta_ezcob_xmrig

  • Size

    4.4MB

  • Sample

    250407-m9r1laxtbs

  • MD5

    544565fd5c6e909866eeb0de280ac48c

  • SHA1

    d49d41275d11f5e303a81bf27ba9ad658ed7fead

  • SHA256

    f93d724863c0ed80f7fb73464e490902d1c309f6e947f3ee8fbd18a3afa7f989

  • SHA512

    7bf7cfa2891632c8e45f8d7c26267b47189e04c3b9623801f20ffd6848283397fa3162be49dad48fd32d2c001816c4c4c573a10b0e2debc44b157016566b6b02

  • SSDEEP

    98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr8v:zbBeSFk1

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      2025-04-07_544565fd5c6e909866eeb0de280ac48c_black-basta_ezcob_xmrig

    • Size

      4.4MB

    • MD5

      544565fd5c6e909866eeb0de280ac48c

    • SHA1

      d49d41275d11f5e303a81bf27ba9ad658ed7fead

    • SHA256

      f93d724863c0ed80f7fb73464e490902d1c309f6e947f3ee8fbd18a3afa7f989

    • SHA512

      7bf7cfa2891632c8e45f8d7c26267b47189e04c3b9623801f20ffd6848283397fa3162be49dad48fd32d2c001816c4c4c573a10b0e2debc44b157016566b6b02

    • SSDEEP

      98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr8v:zbBeSFk1

    Score
    10/10
    xmrigexecutionminerupx

    • Xmrig family

      xmrig

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks