xmrig | a089c7c4c0eb4e4b5138ec4520076d110a91b330ad467a90b350b480755b3ea7 | Triage

Sharing

General

Target

a089c7c4c0eb4e4b5138ec4520076d110a91b330ad467a90b350b480755b3ea7
Size

198KB
Sample

210513-dm8qh37dd2
MD5

4c34325d936adfa8d1c2d1d99d9bc78f
SHA1

8d71cd65fb3c4c4a354f97072d216d01c766c946
SHA256

a089c7c4c0eb4e4b5138ec4520076d110a91b330ad467a90b350b480755b3ea7
SHA512

96e61f20135e2a93126e3e535bae66cfc01d347be5038b6b6adbb0dc1f27bb5e3a0533685b401eb83d4afc55232a689faa26188ed46364e2cf872bf2327ef31e

Score

10^/10

xmrig miner persistence

Malware Config

Targets

- Target
  
  a089c7c4c0eb4e4b5138ec4520076d110a91b330ad467a90b350b480755b3ea7
- Size
  
  198KB
- MD5
  
  4c34325d936adfa8d1c2d1d99d9bc78f
- SHA1
  
  8d71cd65fb3c4c4a354f97072d216d01c766c946
- SHA256
  
  a089c7c4c0eb4e4b5138ec4520076d110a91b330ad467a90b350b480755b3ea7
- SHA512
  
  96e61f20135e2a93126e3e535bae66cfc01d347be5038b6b6adbb0dc1f27bb5e3a0533685b401eb83d4afc55232a689faa26188ed46364e2cf872bf2327ef31e
Score

10^/10

xmrig miner persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistence

behavioral2

xmrigminerpersistence