xmrig | c0f2713b2cb88cbfc7b59f97876eaa064a9b43b4ec6cbb12bcd78e20e56f464a | Triage

Submit
Reports

Overview

overview

Static

static

Cristalix/..._t.exe

windows7_x64

Cristalix/..._t.exe

windows10_x64

Sharing

General

Target

Dristalix.rar
Size

6.2MB
Sample

210717-v7jrd6cfhn
MD5

b9e0d550a387011614e96eee7894f44a
SHA1

a3a6abcb75c80cd123b137255a22ed55fd827e10
SHA256

c0f2713b2cb88cbfc7b59f97876eaa064a9b43b4ec6cbb12bcd78e20e56f464a
SHA512

f7c2782b5e093505f6adde5931a830eb6d9bb522e2c32a7812854063654563750c46bcb20af57ccd3e427ed4a667c021c4bfd2a86a279cf7961658ea106d3438

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

Cristalix/Cristalix_New_t.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Cristalix/Cristalix_New_t.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Cristalix/Cristalix_New_t.exe
- Size
  
  6.5MB
- MD5
  
  c2b39eba635ba5dc92c1a7aaf6999be3
- SHA1
  
  65800969eb6066c6d3632b176d2c7bb97664a69a
- SHA256
  
  e3bdbc55c8c0d6eb4c87bf3f3670fbb58d6ed8d87d5feb21b502298532a45fbb
- SHA512
  
  611cc6eaadb361cb4a37915c964778d5caa307027d406295cce41986133c682b1b446f65af156a1ab71c8aacda8934ac3cd29c51e0771340553eac3d6a1d5f61
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner Payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy