xmrig | 41810e7e07b9b7ea7874f765bf5e0a11381d33c78ebf6da3988a1a038d49a78d | Triage

Analysis

max time kernel
152s
max time network
173s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
08-07-2022 05:31

Sharing

Report Analysis Logs

General

Target

41810e7e07b9b7ea7874f765bf5e0a11381d33c78ebf6da3988a1a038d49a78d.exe
Size

5.9MB
MD5

25eb190405672b8d940393619e6a0a8e
SHA1

b1de4d51e418d8e010e38778adc454ac6e0dc704
SHA256

41810e7e07b9b7ea7874f765bf5e0a11381d33c78ebf6da3988a1a038d49a78d
SHA512

98c8e29a4ee78be414cb8965b8d36e96064a10f1fb990566d7818855069e679494e22b0d98dafe005242375fdb2d4ad9256235e1207d5159139f30e8feb1f2f6

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/488-130-0x00007FF7D9610000-0x00007FF7D9964000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/488-130-0x00007FF7D9610000-0x00007FF7D9964000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\41810e7e07b9b7ea7874f765bf5e0a11381d33c78ebf6da3988a1a038d49a78d.exe
"C:\Users\Admin\AppData\Local\Temp\41810e7e07b9b7ea7874f765bf5e0a11381d33c78ebf6da3988a1a038d49a78d.exe"
1⤵
PID:488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/488-130-0x00007FF7D9610000-0x00007FF7D9964000-memory.dmp

Filesize
3.3MB

Download