xmrig | e94fd8d00302b5df6c4cb799155570e04d97de09abd4eec366a30f689c29366b | Triage

Submit
Reports

Overview

overview

Static

static

9b877744c0...a2.exe

windows7_x64

9b877744c0...a2.exe

windows10_x64

Sharing

General

Target

9b877744c008ddadc80793e37d8fda62ef6733c2d1c6474c65228f5806f30fa2.zip
Size

33KB
Sample

210705-dr8dlf3r9j
MD5

1517423a06ec8a053304ff5f0ecce1a2
SHA1

f42fe0ad9ce042870d1c85f29b5b08742f20231a
SHA256

e94fd8d00302b5df6c4cb799155570e04d97de09abd4eec366a30f689c29366b
SHA512

1c674cc6a3546ccad18e35bbfb4b6a5d4474e5087ed0beab00b2543d5cf1c477581c0c1bdf1196e0d1fbe7ab13856585a453ef78d98fd09515f282e52d6aab33

Score

10^/10

xmrig evasion miner

Static task

static1

Behavioral task

behavioral1

Sample

9b877744c008ddadc80793e37d8fda62ef6733c2d1c6474c65228f5806f30fa2.exe

Resource

win7v20210410

xmrig evasion miner

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9b877744c008ddadc80793e37d8fda62ef6733c2d1c6474c65228f5806f30fa2.exe

Resource

win10v20210408

xmrig evasion miner

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9b877744c008ddadc80793e37d8fda62ef6733c2d1c6474c65228f5806f30fa2
- Size
  
  91KB
- MD5
  
  abebef47fc7124185f13064761803339
- SHA1
  
  b79b427bea8091dbf687856ea0b0b4e874d64271
- SHA256
  
  9b877744c008ddadc80793e37d8fda62ef6733c2d1c6474c65228f5806f30fa2
- SHA512
  
  4c590e07388106ecc5fa21c494f374f560367cd1c601146f31560bbe433a17ecd6fe0f5c560b37109de8879f93a5b789b099788219084d7c0144524bd1b520f9
Score

10^/10

xmrig evasion miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigevasionminer

behavioral2

xmrigevasionminer

© 2018-2024

Terms | Privacy