xmrig | f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093 | Triage

Submit
Reports

Overview

overview

Static

static

f352fe9435...93.exe

windows7-x64

1

f352fe9435...93.exe

windows10-2004-x64

Sharing

General

Target

f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093
Size

2.2MB
Sample

220930-y62w6sefg3
MD5

fd2c7234b828082ab12d91f9ac2f77a5
SHA1

7f69beefafe276f7c7acf26fdeddfcd2b2d7b45d
SHA256

f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093
SHA512

e5c24e1a8f35b2f6ed9c80bfd32e554f8f681c4a0e92358ce5ae4881773658268840dec96a1c3dd9ecf4efde7ce302b8662f8a28e7c76a5134d98721f164233a
SSDEEP

12288:SHtRQJ3xBroe2ICXt0JbpWs0pz/rJnw4Atb14XDUGL7r0vwhSGmn//uhmKGI9lg+:SM1knw4E14h7gdG

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093
- Size
  
  2.2MB
- MD5
  
  fd2c7234b828082ab12d91f9ac2f77a5
- SHA1
  
  7f69beefafe276f7c7acf26fdeddfcd2b2d7b45d
- SHA256
  
  f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093
- SHA512
  
  e5c24e1a8f35b2f6ed9c80bfd32e554f8f681c4a0e92358ce5ae4881773658268840dec96a1c3dd9ecf4efde7ce302b8662f8a28e7c76a5134d98721f164233a
- SSDEEP
  
  12288:SHtRQJ3xBroe2ICXt0JbpWs0pz/rJnw4Atb14XDUGL7r0vwhSGmn//uhmKGI9lg+:SM1knw4E14h7gdG
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy