minfx.exe

General
Target

minfx.exe

Size

4MB

Sample

220513-wgvqfsacf2

Score
10 /10
MD5

8268ff95b3aaea6d6de8f02a73c323d2

SHA1

ae470145c4f5780315b52aa1c57ae0c04a2d18ca

SHA256

529831a3e5b7b61f74f7a426e828210017daf1eea2cbf7cf997c13d82822aef8

SHA512

9603dde1bfd9874637e63a268a7c8f85032892b4e58d3f96678dfbb52b453a972e00cd49077574e58726d3c5045788ede5a9b81c89a464342d5b64070c7325c0

Malware Config
Targets
Target

minfx.exe

MD5

8268ff95b3aaea6d6de8f02a73c323d2

Filesize

4MB

Score
10/10
SHA1

ae470145c4f5780315b52aa1c57ae0c04a2d18ca

SHA256

529831a3e5b7b61f74f7a426e828210017daf1eea2cbf7cf997c13d82822aef8

SHA512

9603dde1bfd9874637e63a268a7c8f85032892b4e58d3f96678dfbb52b453a972e00cd49077574e58726d3c5045788ede5a9b81c89a464342d5b64070c7325c0

Tags

Signatures

  • xmrig

    Description

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    Tags

  • XMRig Miner Payload

    Tags

  • Executes dropped EXE

  • Possible privilege escalation attempt

    Tags

  • Stops running service(s)

    Tags

    TTPs

    Modify Existing ServiceService Stop
  • Loads dropped DLL

  • Modifies file permissions

    Tags

    TTPs

    File Permissions Modification
  • Drops file in System32 directory

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Discovery
          Execution
            Exfiltration
              Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    behavioral1

                    8/10