xmrig | aaacf1deb248da8e66c09156c5c828e17b2c9854b505b35526517b2257f4d99d | Triage

Analysis

max time kernel
13s
max time network
122s
platform
windows10_x64
resource
win10v20201028
submitted
14-12-2020 16:10

Sharing

Report Analysis Logs

General

Target

b62aad576a383ad0a61ec868db79a8bb.exe
Size

6.4MB
MD5

b62aad576a383ad0a61ec868db79a8bb
SHA1

b0d890492dc6c34102055284774d91611504223b
SHA256

aaacf1deb248da8e66c09156c5c828e17b2c9854b505b35526517b2257f4d99d
SHA512

b5e776846f7a845be61d88da68c16e42ff6acb50b83fa246d188f639ae4c88a4e5c863a579bc3688cefdf4f1117f9e595d6d6968f564b96fa87a2538bcbf9e18

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner Payload 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/3932-2-0x0000000000400000-0x00000000010B6000-memory.dmp	xmrig
behavioral2/memory/3932-3-0x0000000000400000-0x00000000010B6000-memory.dmp	xmrig

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/3932-2-0x0000000000400000-0x00000000010B6000-memory.dmp	upx
behavioral2/memory/3932-3-0x0000000000400000-0x00000000010B6000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\b62aad576a383ad0a61ec868db79a8bb.exe
"C:\Users\Admin\AppData\Local\Temp\b62aad576a383ad0a61ec868db79a8bb.exe"
1⤵
PID:3932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3932-2-0x0000000000400000-0x00000000010B6000-memory.dmp

Filesize
12.7MB

Download
memory/3932-3-0x0000000000400000-0x00000000010B6000-memory.dmp

Filesize
12.7MB

Download