runningrat | 8af4a9ab3943a49bda13ba1af87ea3a5934efb29b3f0de9284744a155cab0f0f | Triage

Submit
Reports

Overview

overview

Static

static

8

x64.exe

windows7_x64

x64.exe

windows10_x64

Sharing

General

Target

x64.exe
Size

32KB
Sample

210507-r9sre1s6r2
MD5

e65f3463068c583ba9ec1aabc08d1cd5
SHA1

97eca180a490fbf6fdbbb96eee1769d315594ad7
SHA256

8af4a9ab3943a49bda13ba1af87ea3a5934efb29b3f0de9284744a155cab0f0f
SHA512

a552b3a386e89a3e04fa85d9dbee2557ee7c44e8be33ebb33f3f9bb00eb3392b6b10f733092e93831a47ea7ac5bec316e6d970d7026227595951103009e22b05

Score

10^/10

runningrat xmrig miner persistence rat upx

Static task

static1

Behavioral task

behavioral1

Sample

x64.exe

Resource

win7v20210408

runningrat xmrig miner persistence rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

x64.exe

Resource

win10v20210410

runningrat xmrig miner persistence rat

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  x64.exe
- Size
  
  32KB
- MD5
  
  e65f3463068c583ba9ec1aabc08d1cd5
- SHA1
  
  97eca180a490fbf6fdbbb96eee1769d315594ad7
- SHA256
  
  8af4a9ab3943a49bda13ba1af87ea3a5934efb29b3f0de9284744a155cab0f0f
- SHA512
  
  a552b3a386e89a3e04fa85d9dbee2557ee7c44e8be33ebb33f3f9bb00eb3392b6b10f733092e93831a47ea7ac5bec316e6d970d7026227595951103009e22b05
Score

10^/10

runningrat xmrig miner persistence rat
- RunningRat
  RunningRat is a remote access trojan first seen in 2018.
  rat runningrat
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

runningratxmrigminerpersistencerat

behavioral2

runningratxmrigminerpersistencerat

© 2018-2024

Terms | Privacy