xmrig | 3dd5f9acef213e5cd84f54cd05dd02a671fb62fa778e997c532fed7868594351 | Triage

Analysis

max time kernel
91s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
01-07-2022 14:18

Sharing

Report Analysis Logs

General

Target

3dd5f9acef213e5cd84f54cd05dd02a671fb62fa778e997c532fed7868594351.exe
Size

5.9MB
MD5

2a19506cc53a25f8417fe1e4b282623b
SHA1

be66fa92612eeb5ffc95d848341f1be4516a610e
SHA256

3dd5f9acef213e5cd84f54cd05dd02a671fb62fa778e997c532fed7868594351
SHA512

edc2c69ac918fa7ac9d674b5994ca0d40deb0d1bc88a1380f67589a7807fb68dcbb52cd92c8e287531ef1db34784c503dd9db79ffd184b908d77a8452b975766

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner Payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4172-130-0x00007FF6B5A60000-0x00007FF6B5DB4000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/4172-130-0x00007FF6B5A60000-0x00007FF6B5DB4000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\3dd5f9acef213e5cd84f54cd05dd02a671fb62fa778e997c532fed7868594351.exe
"C:\Users\Admin\AppData\Local\Temp\3dd5f9acef213e5cd84f54cd05dd02a671fb62fa778e997c532fed7868594351.exe"
1⤵
PID:4172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4172-130-0x00007FF6B5A60000-0x00007FF6B5DB4000-memory.dmp

Filesize
3.3MB

Download