xmrig | afcabc4879b2caa194fa37d82932a2c9213c721bfb164730bdd3026c4973e95b | Triage

Analysis

max time kernel
90s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
01-07-2022 07:12

Sharing

Report Analysis Logs

General

Target

afcabc4879b2caa194fa37d82932a2c9213c721bfb164730bdd3026c4973e95b.exe
Size

5.9MB
MD5

d0617ac2c63174084e17e4d6ef5d7d6b
SHA1

2ba9173fb1157aaedcd6205a6c635da80215113d
SHA256

afcabc4879b2caa194fa37d82932a2c9213c721bfb164730bdd3026c4973e95b
SHA512

64e4e1066da8c66470d01679a8de353492139ebffcde3d8ea1bb2ff48dabc47ca9f16fa47780978dbc901e482df45a8f8583f5e446a5123a505c2d4e3414259f

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner Payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/1636-130-0x00007FF759260000-0x00007FF7595B4000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/1636-130-0x00007FF759260000-0x00007FF7595B4000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\afcabc4879b2caa194fa37d82932a2c9213c721bfb164730bdd3026c4973e95b.exe
"C:\Users\Admin\AppData\Local\Temp\afcabc4879b2caa194fa37d82932a2c9213c721bfb164730bdd3026c4973e95b.exe"
1⤵
PID:1636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1636-130-0x00007FF759260000-0x00007FF7595B4000-memory.dmp

Filesize
3.3MB

Download