xmrig | 5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e | Triage

Submit
Reports

Overview

overview

Static

static

1

5b5fb7165b...4e.exe

windows7-x64

5b5fb7165b...4e.exe

windows10-2004-x64

Sharing

General

Target

5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e
Size

890KB
Sample

220802-aa5fesbgfn
MD5

39235e9dc0c41d1c834311205707decb
SHA1

fbd32d7135ef784e94b8b0271b846392f7dce36e
SHA256

5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e
SHA512

93cb831f6c1a085741fc8e70dd19ac37d3a76e7b3d5a0f6798c6c8ae8e4e1b3ceb9d88be16438739f31528baa272179c4d0f07aad3668d73c8f090ee10114001

Score

10^/10

xmrig miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e.exe

Resource

win7-20220718-en

xmrig miner persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e.exe

Resource

win10v2004-20220721-en

xmrig miner persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e
- Size
  
  890KB
- MD5
  
  39235e9dc0c41d1c834311205707decb
- SHA1
  
  fbd32d7135ef784e94b8b0271b846392f7dce36e
- SHA256
  
  5b5fb7165b3b08c4bb203335cca2a8b10863ce3624ea5382771092967660a14e
- SHA512
  
  93cb831f6c1a085741fc8e70dd19ac37d3a76e7b3d5a0f6798c6c8ae8e4e1b3ceb9d88be16438739f31528baa272179c4d0f07aad3668d73c8f090ee10114001
Score

10^/10

xmrig miner persistence upx
- Modifies WinLogon for persistence
  persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceupx

behavioral2

xmrigminerpersistenceupx

© 2018-2024

Terms | Privacy