xmrig | b371b51337e99fcc788bdf4a22f3181a6feebbd663570e5ecebab4778dd46fc6 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

b371b51337e99fcc788bdf4a22f3181a6feebbd663570e5ecebab4778dd46fc6
Size

397KB
Sample

220518-q7vkgsdcbp
MD5

c8fcba7f09eafa1cc3a9c669836e2080
SHA1

797344f986987b380d5d7b4d33b0641e2fc7cee6
SHA256

b371b51337e99fcc788bdf4a22f3181a6feebbd663570e5ecebab4778dd46fc6
SHA512

241391d80a0e56d38732cf8828ccc0bcd1adbee46996df827638a83ed9628865efb9b49c304f69457add58acf8a0df68f39cf36aea9e95cc1b23b37d649db31d

Score

10^/10

xmrig evasion miner persistence

Static task

static1

Behavioral task

behavioral1

Sample

b371b51337e99fcc788bdf4a22f3181a6feebbd663570e5ecebab4778dd46fc6.exe

Resource

win10v2004-20220414-en

xmrig evasion miner persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  b371b51337e99fcc788bdf4a22f3181a6feebbd663570e5ecebab4778dd46fc6
- Size
  
  397KB
- MD5
  
  c8fcba7f09eafa1cc3a9c669836e2080
- SHA1
  
  797344f986987b380d5d7b4d33b0641e2fc7cee6
- SHA256
  
  b371b51337e99fcc788bdf4a22f3181a6feebbd663570e5ecebab4778dd46fc6
- SHA512
  
  241391d80a0e56d38732cf8828ccc0bcd1adbee46996df827638a83ed9628865efb9b49c304f69457add58acf8a0df68f39cf36aea9e95cc1b23b37d649db31d
Score

10^/10

xmrig evasion miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner Payload
  miner
- Downloads MZ/PE file
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies WinLogon
  persistence
- Modifies powershell logging option
  evasion
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigevasionminerpersistence

© 2018-2024

Terms | Privacy