xmrig | 003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
Size

4.1MB
Sample

220518-zzvd7agfhm
MD5

c1fd183c8ef30db8e2be4ab51e42501f
SHA1

67a5ba161cafa7f0471f03968dd0f94cfb21aa1a
SHA256

003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
SHA512

8b3060ae4c8e8e7f376ed40ac9741206f9d82f3185571a4edd2be05de5240ae743356cd498a842f58f969286e80014ecae29423a618b520d97cedc5a01ddc2f0

Score

10^/10

xmrig discovery evasion exploit miner

Static task

static1

Behavioral task

behavioral1

Sample

003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33.exe

Resource

win10-20220414-en

xmrig discovery evasion exploit miner

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
- Size
  
  4.1MB
- MD5
  
  c1fd183c8ef30db8e2be4ab51e42501f
- SHA1
  
  67a5ba161cafa7f0471f03968dd0f94cfb21aa1a
- SHA256
  
  003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
- SHA512
  
  8b3060ae4c8e8e7f376ed40ac9741206f9d82f3185571a4edd2be05de5240ae743356cd498a842f58f969286e80014ecae29423a618b520d97cedc5a01ddc2f0
Score

10^/10

xmrig discovery evasion exploit miner
- Modifies security service
  evasion
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner Payload
  miner
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Stops running service(s)
  evasion
- Modifies file permissions
  discovery
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Impair Defenses

File Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

xmrigdiscoveryevasionexploitminer

© 2018-2024

Terms | Privacy