xmrig | d81e4dad6ceebe9cb2fe39eff3ed71675319bd50201bf4c817ca6e700529c50f | Triage

Analysis

max time kernel
120s
max time network
122s
platform
windows10_x64
resource
win10v20201028
submitted
14-12-2020 14:53

Sharing

Report Analysis Logs

General

Target

62e045e13bb5bc8a2f72aaa58b430812.exe
Size

6.4MB
MD5

62e045e13bb5bc8a2f72aaa58b430812
SHA1

bedabdfdcc221c4aa2e17b789a7e26193beada3f
SHA256

d81e4dad6ceebe9cb2fe39eff3ed71675319bd50201bf4c817ca6e700529c50f
SHA512

e5fd36ef342610b12c540f1439c5a4b616f32232e8d5866e4ab556b5b6fa448da67a98b1ec12b8229091737cde070b83b04b1228ef378b721e2026747bccecfa

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner Payload 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/508-2-0x0000000000400000-0x00000000010B6000-memory.dmp	xmrig
behavioral2/memory/508-3-0x0000000000400000-0x00000000010B6000-memory.dmp	xmrig

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/508-2-0x0000000000400000-0x00000000010B6000-memory.dmp	upx
behavioral2/memory/508-3-0x0000000000400000-0x00000000010B6000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\62e045e13bb5bc8a2f72aaa58b430812.exe
"C:\Users\Admin\AppData\Local\Temp\62e045e13bb5bc8a2f72aaa58b430812.exe"
1⤵
PID:508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/508-2-0x0000000000400000-0x00000000010B6000-memory.dmp

Filesize
12.7MB

Download
memory/508-3-0x0000000000400000-0x00000000010B6000-memory.dmp

Filesize
12.7MB

Download