xmrig | e07b0cd7eca5bc70b07ea786c3ef4da28036c901effa2193a93caf945cb2b334 | Triage

Submit
Reports

Overview

overview

Static

static

Tray.exe

windows7_x64

8

Tray.exe

windows10_x64

Resubmissions

13/02/2022, 03:26 UTC

220213-dy59eafben 10

25/06/2021, 19:08 UTC

210625-fml1gypkn6 8

19/06/2021, 15:14 UTC

210619-d3391n953n 10

Sharing

General

Target

Tray.exe
Size

321KB
Sample

210619-d3391n953n
MD5

6585cb51ff21007fb9ef936e96c58982
SHA1

7a3d5563460b9935fe84879ee14fabfc7c664825
SHA256

e07b0cd7eca5bc70b07ea786c3ef4da28036c901effa2193a93caf945cb2b334
SHA512

523c7b3ed0907a473eac04c8cb8642eeea1d3a223069f876a7e0bc18075d59f9903319f6b2e3c2fa262158f04c4ad3637568dd9b0558732c8a574ffe566efc7d

Score

10^/10

xmrig miner ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Tray.exe

Resource

win7v20210410

ransomware spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Tray.exe

Resource

win10v20210410

xmrig miner ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Tray.exe
- Size
  
  321KB
- MD5
  
  6585cb51ff21007fb9ef936e96c58982
- SHA1
  
  7a3d5563460b9935fe84879ee14fabfc7c664825
- SHA256
  
  e07b0cd7eca5bc70b07ea786c3ef4da28036c901effa2193a93caf945cb2b334
- SHA512
  
  523c7b3ed0907a473eac04c8cb8642eeea1d3a223069f876a7e0bc18075d59f9903319f6b2e3c2fa262158f04c4ad3637568dd9b0558732c8a574ffe566efc7d
Score

10^/10

ransomware spyware stealer xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Drops file in Drivers directory
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ransomwarespywarestealer

behavioral2

xmrigminerransomwarespywarestealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.