xmrig | d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a | Triage

Submit
Reports

Overview

overview

Static

static

d92f632b03...3a.exe

windows7_x64

d92f632b03...3a.exe

windows10_x64

Sharing

General

Target

d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a
Size

1.1MB
Sample

210228-dq89je6ges
MD5

e8cb16902d3100e0833ef9c4367fe17b
SHA1

b639ffb519f85b4db9987daadfbe6e458e986c25
SHA256

d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a
SHA512

084f6f87a3d180cc3f37c5416a2744aefe3295da2ee5a88125468740e51cb6e93f518cb6143b5035c7fa515d0e01fdbcb9f12280857deb2d612c7c67850e7a9e

Score

10^/10

xmrig evasion miner

Static task

static1

Behavioral task

behavioral1

Sample

d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a.exe

Resource

win7v20201028

xmrig evasion miner

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a.exe

Resource

win10v20201028

xmrig evasion miner

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a
- Size
  
  1.1MB
- MD5
  
  e8cb16902d3100e0833ef9c4367fe17b
- SHA1
  
  b639ffb519f85b4db9987daadfbe6e458e986c25
- SHA256
  
  d92f632b039d42bfe46c284f35b8ce4f898576d840fd366becc1d9bcd4ed6a3a
- SHA512
  
  084f6f87a3d180cc3f37c5416a2744aefe3295da2ee5a88125468740e51cb6e93f518cb6143b5035c7fa515d0e01fdbcb9f12280857deb2d612c7c67850e7a9e
Score

10^/10

xmrig evasion miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigevasionminer

behavioral2

xmrigevasionminer

© 2018-2024

Terms | Privacy