Overview

overview

10

Static

static

sqlservr.exe

windows7_x64

10

Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    03-12-2021 16:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sqlservr.exe

  • Size

    3.9MB

  • MD5

    325d88ea2ee59fc0faec0cd4e6db494e

  • SHA1

    63f2c5cbabd05e857c983741f4b9d71f7fbc6f69

  • SHA256

    eef7b9db43f331b41bfdc87fa0517fbd76981a9b9574fe2ee45bcc1ca390e616

  • SHA512

    6fdc79184bb209c1ec7e4a720fa6aed6a50a6dae2a6773d2c30c71be0eadbf2fb5dad6f906815a977a4081b239a06c4d087bcbb9b01a7aa8ffd8e4f0bb659cc2

Score
10/10
xmrigminer

Malware Config

Signatures

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig
  • XMRig Miner Payload 3 IoCs
    miner
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\sqlservr.exe
    "C:\Users\Admin\AppData\Local\Temp\sqlservr.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/656-55-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp
    Filesize

    3.8MB

    Download
  • memory/656-57-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-56-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-58-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-59-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-61-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-60-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-62-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-63-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-64-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-65-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-66-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-67-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-68-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-69-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-70-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-71-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-72-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-73-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-74-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-75-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-76-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-77-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-78-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-79-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-80-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-81-0x0000000076B60000-0x0000000076B70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-83-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-82-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-84-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-86-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-85-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-87-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-88-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-89-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-90-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-91-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-92-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-93-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-94-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-95-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-96-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-97-0x0000000076C60000-0x0000000076C70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/656-98-0x000000013F8F0000-0x0000000140C4B000-memory.dmp
    Filesize

    19.4MB

    Download
  • memory/656-99-0x000000013F8F0000-0x0000000140C4B000-memory.dmp
    Filesize

    19.4MB

    Download
  • memory/656-100-0x000000013F8F0000-0x0000000140C4B000-memory.dmp
    Filesize

    19.4MB

    Download