xmrig | 4215e87e7c3338c0a28dc8923f0f17fae602d8d1005ea29bd4becafef4e5cdfb | Triage

Analysis

max time kernel
138s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
08-07-2022 03:40

Sharing

Report Analysis Logs

General

Target

4215e87e7c3338c0a28dc8923f0f17fae602d8d1005ea29bd4becafef4e5cdfb.exe
Size

5.9MB
MD5

f57e1c1b0968adaca8eab94f200299d6
SHA1

38d2ca1ff3dfb127f8a0aa004e65a32e285c2b11
SHA256

4215e87e7c3338c0a28dc8923f0f17fae602d8d1005ea29bd4becafef4e5cdfb
SHA512

d5d199adc2fb6df9b147fa93843573b150dc6178b9ccff72b983449eb1e0202941e7f75d5e7411e06a5cbfb3ad277275eb839c7d449c9dbd284a2e754bd852af

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4980-130-0x00007FF691A90000-0x00007FF691DE4000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/4980-130-0x00007FF691A90000-0x00007FF691DE4000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\4215e87e7c3338c0a28dc8923f0f17fae602d8d1005ea29bd4becafef4e5cdfb.exe
"C:\Users\Admin\AppData\Local\Temp\4215e87e7c3338c0a28dc8923f0f17fae602d8d1005ea29bd4becafef4e5cdfb.exe"
1⤵
PID:4980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4980-130-0x00007FF691A90000-0x00007FF691DE4000-memory.dmp

Filesize
3.3MB

Download