xmrig | 09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1 | Triage

Submit
Reports

Overview

overview

Static

static

09ba1d1497...a1.exe

windows7_x64

09ba1d1497...a1.exe

windows10_x64

Sharing

General

Target

09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1
Size

3.4MB
Sample

210228-ggbll8m1gx
MD5

fcf8030e2adf516ca9fde494f4fdb6ea
SHA1

d97eaedc6b09268a8451c6e5de6acf283bbe0f79
SHA256

09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1
SHA512

3d07a6bd7ce936d002391323ee15fccc158074ae37f0de78d9f9604acff967c6ad075300aae784f2fe2c0ca15c52b65e7ac7af700c15c2c56d5e7caf9763f56f

Score

10^/10

xmrig evasion miner persistence

Static task

static1

Behavioral task

behavioral1

Sample

09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1.exe

Resource

win7v20201028

xmrig evasion miner persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1.exe

Resource

win10v20201028

xmrig evasion miner persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1
- Size
  
  3.4MB
- MD5
  
  fcf8030e2adf516ca9fde494f4fdb6ea
- SHA1
  
  d97eaedc6b09268a8451c6e5de6acf283bbe0f79
- SHA256
  
  09ba1d1497c0886120a435a4990aba55b9ee83c96b294ff66c6fac4295c8b8a1
- SHA512
  
  3d07a6bd7ce936d002391323ee15fccc158074ae37f0de78d9f9604acff967c6ad075300aae784f2fe2c0ca15c52b65e7ac7af700c15c2c56d5e7caf9763f56f
Score

10^/10

xmrig evasion miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigevasionminerpersistence

behavioral2

xmrigevasionminerpersistence

© 2018-2024

Terms | Privacy