xmrig | 6ffa4e5574520e7c8b43d4bad9bd8a0dcf61499ffc390dea63d4b019e2da0de6 | Triage

Sharing

General

Target

6ffa4e5574520e7c8b43d4bad9bd8a0dcf61499ffc390dea63d4b019e2da0de6
Size

8.4MB
Sample

210504-eakvcqgy5x
MD5

0ddb81fbe836c3bb6c8b5e883b1ffe3a
SHA1

7cd99fafcfab1384abca82b89c39f25618783d77
SHA256

6ffa4e5574520e7c8b43d4bad9bd8a0dcf61499ffc390dea63d4b019e2da0de6
SHA512

333fe99717ba9da5ceb3a0bc0665472dbb1ffaed81f9a19d70e61c482f1605c8dde7218cb4249c68f8ca91e54438ac218e7bed982bcd448753e5bfad27164499

Score

10^/10

xmrig miner persistence

Malware Config

Targets

- Target
  
  6ffa4e5574520e7c8b43d4bad9bd8a0dcf61499ffc390dea63d4b019e2da0de6
- Size
  
  8.4MB
- MD5
  
  0ddb81fbe836c3bb6c8b5e883b1ffe3a
- SHA1
  
  7cd99fafcfab1384abca82b89c39f25618783d77
- SHA256
  
  6ffa4e5574520e7c8b43d4bad9bd8a0dcf61499ffc390dea63d4b019e2da0de6
- SHA512
  
  333fe99717ba9da5ceb3a0bc0665472dbb1ffaed81f9a19d70e61c482f1605c8dde7218cb4249c68f8ca91e54438ac218e7bed982bcd448753e5bfad27164499
Score

10^/10

persistence xmrig miner
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistence