xmrig | e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024 | Triage

Sharing

General

Target

e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024
Size

71KB
Sample

220924-2bwy8acce5
MD5

1a9a8f5167110e1fbc55ab294d1ce876
SHA1

3c3ea653a37eff8b2b4214a4c6ecca3de5f33e99
SHA256

e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024
SHA512

7ec52829af747146fe1fbc74e15d0919687a3a08f0b6e3371a8c0ba446373a1748883d4452702a65f32f2740a4167eed1b18e11fa8c900fec7255e47356dd277
SSDEEP

768:FpaTRtS/y3YNYHFqJe4cplUf3/281s8TnJbR8YcdX2t3Ux4sbDZ+kAwl0dBKvl:+TmkDlqJJcc281s8dbRxZpGDb1HAwr9

Score

10^/10

xmrig miner persistence

Malware Config

Targets

- Target
  
  e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024
- Size
  
  71KB
- MD5
  
  1a9a8f5167110e1fbc55ab294d1ce876
- SHA1
  
  3c3ea653a37eff8b2b4214a4c6ecca3de5f33e99
- SHA256
  
  e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024
- SHA512
  
  7ec52829af747146fe1fbc74e15d0919687a3a08f0b6e3371a8c0ba446373a1748883d4452702a65f32f2740a4167eed1b18e11fa8c900fec7255e47356dd277
- SSDEEP
  
  768:FpaTRtS/y3YNYHFqJe4cplUf3/281s8TnJbR8YcdX2t3Ux4sbDZ+kAwl0dBKvl:+TmkDlqJJcc281s8dbRxZpGDb1HAwr9
Score

10^/10

xmrig miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistence