xmrig | 6c18b1e5a90977b48b5b9ce94b03c46665b1c9c305e9dd3e4eaec9e2fe1679d1 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

6c18b1e5a90977b48b5b9ce94b03c46665b1c9c305e9dd3e4eaec9e2fe1679d1
Size

17.8MB
Sample

211201-tykkpsdgem
MD5

d9ac013439b130beb75112a9a283e8ad
SHA1

d9af31324653804281830aeb9f3214e0cc1a6c4f
SHA256

6c18b1e5a90977b48b5b9ce94b03c46665b1c9c305e9dd3e4eaec9e2fe1679d1
SHA512

967ffe9896730239e8e39f8856e25787aeb15d69aba04e4d8842795f5ed20b821f948e53afdcb87f9a4791aaaefabc4b4a28cc0c8ab572016843e4af04990a91

Score

10^/10

xmrig miner persistence

Static task

static1

Behavioral task

behavioral1

Sample

6c18b1e5a90977b48b5b9ce94b03c46665b1c9c305e9dd3e4eaec9e2fe1679d1.exe

Resource

win10-en-20211014

xmrig miner persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6c18b1e5a90977b48b5b9ce94b03c46665b1c9c305e9dd3e4eaec9e2fe1679d1
- Size
  
  17.8MB
- MD5
  
  d9ac013439b130beb75112a9a283e8ad
- SHA1
  
  d9af31324653804281830aeb9f3214e0cc1a6c4f
- SHA256
  
  6c18b1e5a90977b48b5b9ce94b03c46665b1c9c305e9dd3e4eaec9e2fe1679d1
- SHA512
  
  967ffe9896730239e8e39f8856e25787aeb15d69aba04e4d8842795f5ed20b821f948e53afdcb87f9a4791aaaefabc4b4a28cc0c8ab572016843e4af04990a91
Score

10^/10

xmrig miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner Payload
  miner
- Executes dropped EXE
- Cryptocurrency Miner
  Makes network request to known mining pool URL.
  miner
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigminerpersistence

© 2018-2024

Terms | Privacy