Overview

overview

10

Static

static

app.exe

windows7_x64

10

app.exe

windows10_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    app.exe

  • Size

    2.2MB

  • Sample

    210718-3m48h9ja3a

  • MD5

    a884e0d194f7d29fea32dbde54726df5

  • SHA1

    518270967edd75a8d48327d34152a42410973286

  • SHA256

    04605e558a017e333a2dc6d15253bdd66f119e034bf81ebebdf796d101bdae24

  • SHA512

    528a0e65af5c0ae049e9febb79209efe84440439a96e4c920cc1943d7a35a4aad0b14380cd6f6329c8994b7b183ef75d898e51fbfb7da4e787cc58c7afe9fa6d

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      app.exe

    • Size

      2.2MB

    • MD5

      a884e0d194f7d29fea32dbde54726df5

    • SHA1

      518270967edd75a8d48327d34152a42410973286

    • SHA256

      04605e558a017e333a2dc6d15253bdd66f119e034bf81ebebdf796d101bdae24

    • SHA512

      528a0e65af5c0ae049e9febb79209efe84440439a96e4c920cc1943d7a35a4aad0b14380cd6f6329c8994b7b183ef75d898e51fbfb7da4e787cc58c7afe9fa6d

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Nirsoft

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks