xmrig | a80220c129dabdfc9a8159b120994e4e8a21b8c7a4709b8c6df717401d7b3924 | Triage

Sharing

General

Target

a80220c129dabdfc9a8159b120994e4e8a21b8c7a4709b8c6df717401d7b3924
Size

503KB
Sample

210223-e4dr1pvtkj
MD5

8f7a0bab0c7fd6f5111eafda1af98d94
SHA1

29bdd03781062d3415b23fb99fbe3907c0d95250
SHA256

a80220c129dabdfc9a8159b120994e4e8a21b8c7a4709b8c6df717401d7b3924
SHA512

d047eec9642da9aafa831fef25b05462d626f6619c05fa037e8569224644961e666157c58fde584ecae393bd82b56d0948e2d7f377775c47e83b6eb5125288f0

Score

10^/10

xmrig evasion miner

Malware Config

Targets

- Target
  
  a80220c129dabdfc9a8159b120994e4e8a21b8c7a4709b8c6df717401d7b3924
- Size
  
  503KB
- MD5
  
  8f7a0bab0c7fd6f5111eafda1af98d94
- SHA1
  
  29bdd03781062d3415b23fb99fbe3907c0d95250
- SHA256
  
  a80220c129dabdfc9a8159b120994e4e8a21b8c7a4709b8c6df717401d7b3924
- SHA512
  
  d047eec9642da9aafa831fef25b05462d626f6619c05fa037e8569224644961e666157c58fde584ecae393bd82b56d0948e2d7f377775c47e83b6eb5125288f0
Score

10^/10

xmrig evasion miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigevasionminer

behavioral2

xmrigevasionminer