xmrig | 29051e0cdfd29405d4766b2d09e93c03b190fc71d094d11fb0e7bc998187689d | Triage

Submit
Reports

Overview

overview

Static

static

d331a53d_b...is.exe

windows7_x64

d331a53d_b...is.exe

windows10_x64

Sharing

General

Target

d331a53d_by_Libranalysis
Size

118KB
Sample

210505-ynmhgsacgj
MD5

d331a53d6deced27e44a1b23a897c660
SHA1

a96d6f7f562943794a632b7071c2bc228477ed6f
SHA256

29051e0cdfd29405d4766b2d09e93c03b190fc71d094d11fb0e7bc998187689d
SHA512

632b1a37d395a9dad7e2ac1c47007b98c877f187ecf564935fa1cb9062ceed13eacd98cc9782e815d616c204e38e9c3bef43f4223c3f69a4b94562e899543a18

Score

10^/10

xmrig miner persistence

Static task

static1

Behavioral task

behavioral1

Sample

d331a53d_by_Libranalysis.exe

Resource

win7v20210408

xmrig miner persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d331a53d_by_Libranalysis.exe

Resource

win10v20210410

xmrig miner persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d331a53d_by_Libranalysis
- Size
  
  118KB
- MD5
  
  d331a53d6deced27e44a1b23a897c660
- SHA1
  
  a96d6f7f562943794a632b7071c2bc228477ed6f
- SHA256
  
  29051e0cdfd29405d4766b2d09e93c03b190fc71d094d11fb0e7bc998187689d
- SHA512
  
  632b1a37d395a9dad7e2ac1c47007b98c877f187ecf564935fa1cb9062ceed13eacd98cc9782e815d616c204e38e9c3bef43f4223c3f69a4b94562e899543a18
Score

10^/10

xmrig miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigminerpersistence

behavioral2

xmrigminerpersistence

© 2018-2024

Terms | Privacy