xmrig | 6e5d4c313348de4899061ef81ea9d8960dfd250d6bfa14c9cc3582ed76ee4991 | Triage

Analysis

max time kernel
149s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
01-07-2022 07:01

Sharing

Report Analysis Logs

General

Target

6e5d4c313348de4899061ef81ea9d8960dfd250d6bfa14c9cc3582ed76ee4991.exe
Size

5.9MB
MD5

dfc724c3a462616addc39e4db2cd65df
SHA1

17c089d43f2c9e0225a26008b6aaca1d0b6dc45c
SHA256

6e5d4c313348de4899061ef81ea9d8960dfd250d6bfa14c9cc3582ed76ee4991
SHA512

56f86eeb7b99e3102c0dabc1d9abec69f25f0ee97d44958949d9641f518db9011a73f56b8e3d415fb875d08789fd6521eb9b7641b3a37fa17bd16f12d2555b2b

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner Payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/5000-130-0x00007FF737610000-0x00007FF737964000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/5000-130-0x00007FF737610000-0x00007FF737964000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\6e5d4c313348de4899061ef81ea9d8960dfd250d6bfa14c9cc3582ed76ee4991.exe
"C:\Users\Admin\AppData\Local\Temp\6e5d4c313348de4899061ef81ea9d8960dfd250d6bfa14c9cc3582ed76ee4991.exe"
1⤵
PID:5000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5000-130-0x00007FF737610000-0x00007FF737964000-memory.dmp

Filesize
3.3MB

Download