Overview

overview

10

Static

static

8ceea3c19d...82.exe

windows7-x64

10

8ceea3c19d...82.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    91s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2022, 17:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8ceea3c19dd757165fc4a7597fb9f682.exe

  • Size

    5.1MB

  • MD5

    8ceea3c19dd757165fc4a7597fb9f682

  • SHA1

    d6bd4125d0a7fa22b6edf691d124569d2441c58e

  • SHA256

    71a7c75802852bc47630846ce55c037faba06b17035b93ba3bec6538579f3dcd

  • SHA512

    77808caf9d40b8e7769dadaac2951e8158df105c98e710f048adaaf2d00d7cb8ace12306f5684f4f456e43be5ec76796d8cc21e7adaef741b2d90d823b3ebbd6

  • SSDEEP

    98304:gkOBER7wfiWcNKahSgMk8miYFTG7vLEASMdwu+OAxCAJn9pB964:gkOBy14gXpivLEwz2E4

Score
10/10
xmrigminer

Malware Config

Signatures

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig
  • XMRig Miner payload 5 IoCs
    miner
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8ceea3c19dd757165fc4a7597fb9f682.exe
    "C:\Users\Admin\AppData\Local\Temp\8ceea3c19dd757165fc4a7597fb9f682.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:3944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3944-133-0x00007FF70A400000-0x00007FF70B88D000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/3944-134-0x00007FF4A0730000-0x00007FF4A0B01000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/3944-132-0x00007FF70A400000-0x00007FF70B88D000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/3944-135-0x00007FF70A400000-0x00007FF70B88D000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/3944-136-0x00007FF70A400000-0x00007FF70B88D000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/3944-137-0x00007FF70A400000-0x00007FF70B88D000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/3944-138-0x0000017B95010000-0x0000017B95030000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3944-139-0x00007FF70A400000-0x00007FF70B88D000-memory.dmp

    Filesize

    20.6MB

    Download

  • memory/3944-140-0x00007FF4A0730000-0x00007FF4A0B01000-memory.dmp

    Filesize

    3.8MB

    Download