xmrig | 3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb | Triage

Submit
Reports

Overview

overview

Static

static

3ed3d68215...eb.exe

windows7_x64

8

3ed3d68215...eb.exe

windows10_x64

Sharing

General

Target

3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb
Size

352KB
Sample

210513-h18yk5yzas
MD5

c473fd7072c93f65f882f60fc3c5f4d6
SHA1

1c8863d05817095c3202fcba668c53fe53a4580a
SHA256

3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb
SHA512

0948bf4a766c6c011a8390ebceb599cb4a0d14a2330c96b05c6c6158544bccbba216870bdab7ada86be38b6d91e5c14caf1f68db5ffe0330da3764b0778447d4

Score

10^/10

xmrig macro miner persistence xlm

Static task

static1

Behavioral task

behavioral1

Sample

3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb.exe

Resource

win7v20210410

macro persistence xlm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb.exe

Resource

win10v20210410

xmrig macro miner persistence xlm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb
- Size
  
  352KB
- MD5
  
  c473fd7072c93f65f882f60fc3c5f4d6
- SHA1
  
  1c8863d05817095c3202fcba668c53fe53a4580a
- SHA256
  
  3ed3d68215aabfeeb5e513af8659b6d6c6dcbc59a0142c83e386ec32098b1beb
- SHA512
  
  0948bf4a766c6c011a8390ebceb599cb4a0d14a2330c96b05c6c6158544bccbba216870bdab7ada86be38b6d91e5c14caf1f68db5ffe0330da3764b0778447d4
Score

10^/10

macro persistence xlm xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

macropersistencexlm

behavioral2

xmrigmacrominerpersistencexlm

© 2018-2024

Terms | Privacy