Overview

overview

10

Static

static

8ceea3c19d...82.exe

windows7-x64

10

8ceea3c19d...82.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    31s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2022 17:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8ceea3c19dd757165fc4a7597fb9f682.exe

  • Size

    5.1MB

  • MD5

    8ceea3c19dd757165fc4a7597fb9f682

  • SHA1

    d6bd4125d0a7fa22b6edf691d124569d2441c58e

  • SHA256

    71a7c75802852bc47630846ce55c037faba06b17035b93ba3bec6538579f3dcd

  • SHA512

    77808caf9d40b8e7769dadaac2951e8158df105c98e710f048adaaf2d00d7cb8ace12306f5684f4f456e43be5ec76796d8cc21e7adaef741b2d90d823b3ebbd6

  • SSDEEP

    98304:gkOBER7wfiWcNKahSgMk8miYFTG7vLEASMdwu+OAxCAJn9pB964:gkOBy14gXpivLEwz2E4

Score
10/10
xmrigminer

Malware Config

Signatures

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig
  • XMRig Miner payload 6 IoCs
    miner
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8ceea3c19dd757165fc4a7597fb9f682.exe
    "C:\Users\Admin\AppData\Local\Temp\8ceea3c19dd757165fc4a7597fb9f682.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2044-54-0x000000013FF40000-0x00000001413CD000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/2044-55-0x000000013FF40000-0x00000001413CD000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/2044-56-0x000000013FF40000-0x00000001413CD000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/2044-57-0x000000013FF40000-0x00000001413CD000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/2044-58-0x00000000003E0000-0x0000000000400000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2044-60-0x000000013FF40000-0x00000001413CD000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/2044-59-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/2044-61-0x000000013FF40000-0x00000001413CD000-memory.dmp

    Filesize

    20.6MB

    Download