xmrig | be526c773e472dfe1285db00b439e3e921d713632b0a9a3cb9e6258d0ad96605 | Triage

Submit
Reports

Overview

overview

Static

static

Skript_bypass.exe

windows10-2004-x64

Resubmissions

26-11-2022 21:46

221126-1m5j3abc81 10

Sharing

General

Target

Skript_bypass.exe
Size

476KB
Sample

221126-1m5j3abc81
MD5

b29ce7f547d796ed020f206b87e54b5a
SHA1

93be4fe0cd16212a8dba09a197b8f9829f6788ca
SHA256

be526c773e472dfe1285db00b439e3e921d713632b0a9a3cb9e6258d0ad96605
SHA512

e08bbdea013329b785a1df951d1267b58aae7800a4471c747b966083157cd6d44f0afa6340583df71ecd45677326665cf4a85850ff0c6ff6257ad27fd2e6bd50
SSDEEP

12288:66QerNoCMBrbdGHjguKOEdlPBP7HEyWSvLVgVcJ+EUTN8Zds3z+cWJC:GM23M7K3dnDHEyWSDVgqsE4Nl+cWJ

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

Skript_bypass.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  Skript_bypass.exe
- Size
  
  476KB
- MD5
  
  b29ce7f547d796ed020f206b87e54b5a
- SHA1
  
  93be4fe0cd16212a8dba09a197b8f9829f6788ca
- SHA256
  
  be526c773e472dfe1285db00b439e3e921d713632b0a9a3cb9e6258d0ad96605
- SHA512
  
  e08bbdea013329b785a1df951d1267b58aae7800a4471c747b966083157cd6d44f0afa6340583df71ecd45677326665cf4a85850ff0c6ff6257ad27fd2e6bd50
- SSDEEP
  
  12288:66QerNoCMBrbdGHjguKOEdlPBP7HEyWSvLVgVcJ+EUTN8Zds3z+cWJC:GM23M7K3dnDHEyWSDVgqsE4Nl+cWJ
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy