xmrig | 8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61 | Triage

Submit
Reports

Overview

overview

Static

static

8b8221cc10...61.exe

windows7-x64

8b8221cc10...61.exe

windows10-2004-x64

Sharing

General

Target

8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61.exe
Size

1.1MB
Sample

221113-tzz2sabg45
MD5

19a474356662325b2059630216338194
SHA1

5537672751a37401bccf455f651d564bb314a924
SHA256

8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61
SHA512

d355ec56e5cc367617acc4524b9d44dc242e8f0fcc4fe28c9193c4c2dc3fa132368839a22a4ec470b0e506cefaadf69a3291c8e9dc766cdfb90541b7a5e0ecd4
SSDEEP

24576:8tPBwXgZiujGrs4EroJ7WtRDbQMPLqxpw3qt:CigZMsMN4v9jqxpwa

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61.exe

Resource

win7-20220901-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61.exe
- Size
  
  1.1MB
- MD5
  
  19a474356662325b2059630216338194
- SHA1
  
  5537672751a37401bccf455f651d564bb314a924
- SHA256
  
  8b8221cc10a597ef1872eed5525b3ec02d645652b60b8243110ab9a5d8589d61
- SHA512
  
  d355ec56e5cc367617acc4524b9d44dc242e8f0fcc4fe28c9193c4c2dc3fa132368839a22a4ec470b0e506cefaadf69a3291c8e9dc766cdfb90541b7a5e0ecd4
- SSDEEP
  
  24576:8tPBwXgZiujGrs4EroJ7WtRDbQMPLqxpw3qt:CigZMsMN4v9jqxpwa
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Scripting

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy