xmrig | 3ee7764c37b39d35584e6a0bf781e788e7529353bd5d40f5de952800805051b3 | Triage

Submit
Reports

Overview

overview

Static

static

ec07652e3f...55.exe

windows7_x64

ec07652e3f...55.exe

windows10_x64

Sharing

General

Target

5114482268602368.zip
Size

20KB
Sample

201224-ekllnx8cnx
MD5

93ad19058937ff7b2b9592bec94cc95f
SHA1

2b1b66e1f9851b639c5db0986c140ce640286616
SHA256

3ee7764c37b39d35584e6a0bf781e788e7529353bd5d40f5de952800805051b3
SHA512

8e6b842735ca92ea8c57deb6ef00800277df17e1d2befe4bb717ab632820c5d6978b26a772fd9640cdf65c102d53065d135e2b4eef9f1651baf91831393b21af

Score

10^/10

xmrig discovery evasion exploit miner persistence

Static task

static1

Behavioral task

behavioral1

Sample

ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55.exe

Resource

win7v20201028

discovery evasion exploit persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55.exe

Resource

win10v20201028

xmrig discovery evasion exploit miner persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55
- Size
  
  135KB
- MD5
  
  4777ca8e3e3ded9a9598c942043a3b30
- SHA1
  
  955de87f9bd9382141b9ffbf9c3e84731cc5d132
- SHA256
  
  ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55
- SHA512
  
  c271a58918de797e11a9b6f5e97a7cfcfc1fd8913236c8f864ea96fb229321f59b3f8119a0803ecb0394d6709c434475f63a5cc4dbfba79d24d4efad2881ccfd
Score

10^/10

discovery evasion exploit persistence xmrig miner
- Modifies WinLogon for persistence
  persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

File Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionexploitpersistence

behavioral2

xmrigdiscoveryevasionexploitminerpersistence

© 2018-2024

Terms | Privacy