xmrig | e5f52a7867ca71f20a366648795bae578f202104e077a94490c8e3771b35423a | Triage

Submit
Reports

Overview

overview

Static

static

Chew-WGA.exe

windows7_x64

Chew-WGA.exe

windows10_x64

Sharing

General

Target

Chew-WGA.exe
Size

9.5MB
Sample

210703-spl55mp4ps
MD5

f5572fab554c3118764c69848f8ac7a8
SHA1

c5b6bdbc4b50f5bb11c0093cfc86047d78b52ffc
SHA256

e5f52a7867ca71f20a366648795bae578f202104e077a94490c8e3771b35423a
SHA512

7c80181733032764c6c252248076be536082ff74780a850ed6d93a27b1bc6ee72ade08977471ccd4d91332e2796cca0213f1ed4a2caf68816f4eb92cd312d9f5

Score

10^/10

xmrig discovery exploit miner persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

Chew-WGA.exe

Resource

win7v20210410

xmrig discovery exploit miner persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Chew-WGA.exe

Resource

win10v20210408

xmrig discovery exploit miner persistence upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Chew-WGA.exe
- Size
  
  9.5MB
- MD5
  
  f5572fab554c3118764c69848f8ac7a8
- SHA1
  
  c5b6bdbc4b50f5bb11c0093cfc86047d78b52ffc
- SHA256
  
  e5f52a7867ca71f20a366648795bae578f202104e077a94490c8e3771b35423a
- SHA512
  
  7c80181733032764c6c252248076be536082ff74780a850ed6d93a27b1bc6ee72ade08977471ccd4d91332e2796cca0213f1ed4a2caf68816f4eb92cd312d9f5
Score

10^/10

xmrig discovery exploit miner persistence upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Drops file in Drivers directory
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigdiscoveryexploitminerpersistenceupx

behavioral2

xmrigdiscoveryexploitminerpersistenceupx

© 2018-2024

Terms | Privacy