xmrig | b2d470fd5d86195d6ddbc986630b268a618cd0fdf95928bf2e067eae03d163ca | Triage

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
01-07-2022 05:18

Sharing

Report Analysis Logs

General

Target

b2d470fd5d86195d6ddbc986630b268a618cd0fdf95928bf2e067eae03d163ca.exe
Size

5.9MB
MD5

daa148b8bccbfd43093548a33d70f242
SHA1

3642dcd9dfecf1bddb935aa5250e10d64635c8e6
SHA256

b2d470fd5d86195d6ddbc986630b268a618cd0fdf95928bf2e067eae03d163ca
SHA512

12d2ef0ff9557d8fd6f109877fca93f33a8d6a27dbdc5a0e887adb37656e70b928b2d9fcfe721ba2ea69fc58a46300f1913735b095c4126b303834ac830bfeeb

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner Payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/3440-130-0x00007FF6FD9A0000-0x00007FF6FDCF4000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/3440-130-0x00007FF6FD9A0000-0x00007FF6FDCF4000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\b2d470fd5d86195d6ddbc986630b268a618cd0fdf95928bf2e067eae03d163ca.exe
"C:\Users\Admin\AppData\Local\Temp\b2d470fd5d86195d6ddbc986630b268a618cd0fdf95928bf2e067eae03d163ca.exe"
1⤵
PID:3440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3440-130-0x00007FF6FD9A0000-0x00007FF6FDCF4000-memory.dmp

Filesize
3.3MB

Download