xmrig | 2e55752a5ce424f78521951780658ea572e78920fab1980c5047eb543d3dbec8

Sharing

Copy URL

Twitter E-mail

General

Target

SysApps.rar
Size

2.7MB
Sample

230110-xy925shc37
MD5

d8aabcb45980942c2921ba3e38f6a2ab
SHA1

c012472480a5e00d4c14449446652c370fa5c060
SHA256

2e55752a5ce424f78521951780658ea572e78920fab1980c5047eb543d3dbec8
SHA512

779bb97a7f58896c7343971c3844ca90aaa468a31fee4e3a4af281798aebd5b68b0ba9ffe299d0230579b67e1dcd3ac2b1fb439d88878e720395288aed2a885e
SSDEEP

49152:g8c9wss9n2iEhIKWHjJAex1xb/woiBLrPIrUZ1r:g8c9wssZHHjJA411WPIrsr

Score

10^/10

xmrig miner

Malware Config

Targets

- Target
  
  SysApps.rar
- Size
  
  2.7MB
- MD5
  
  d8aabcb45980942c2921ba3e38f6a2ab
- SHA1
  
  c012472480a5e00d4c14449446652c370fa5c060
- SHA256
  
  2e55752a5ce424f78521951780658ea572e78920fab1980c5047eb543d3dbec8
- SHA512
  
  779bb97a7f58896c7343971c3844ca90aaa468a31fee4e3a4af281798aebd5b68b0ba9ffe299d0230579b67e1dcd3ac2b1fb439d88878e720395288aed2a885e
- SSDEEP
  
  49152:g8c9wss9n2iEhIKWHjJAex1xb/woiBLrPIrUZ1r:g8c9wssZHHjJA411WPIrsr
Score

3^/10
behavioral1
- Target
  
  SysApps/SHA256SUMS
- Size
  
  748B
- MD5
  
  4d30cec88ebf0b282031ff8b42ca36d8
- SHA1
  
  a3da853d1a7845b04ed4597c08a397cefaa521a5
- SHA256
  
  7275745f63dc0ada7b3f29d7b7ca6a4963d7b6f9f6382fb1f765fffd6e519237
- SHA512
  
  2e0f62829a90b41ff3f07bc10c3d09a03ae373e6f6efa32cc830432aa0a0d398f736074e3a712908a0b65c16b55599f67ff1133bdbbb0037c421d261bacf2bfa
Score

1^/10
behavioral2
- Target
  
  SysApps/WinRing0x64.sys
- Size
  
  14KB
- MD5
  
  0c0195c48b6b8582fa6f6373032118da
- SHA1
  
  d25340ae8e92a6d29f599fef426a2bc1b5217299
- SHA256
  
  11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
- SHA512
  
  ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d
- SSDEEP
  
  192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
Score

1^/10
behavioral3
- Target
  
  SysApps/benchmark_10M.cmd
- Size
  
  56B
- MD5
  
  14b1ce42ded2df03638180864e4d056f
- SHA1
  
  cbc1b3edd1942630f6363f3ccae574283b14c260
- SHA256
  
  bdec0d2ea20decc25659f26c7bfd7a78fb0e51cc100443b8a35c43206d2eb86a
- SHA512
  
  d8297c2728245b570ad71b8062a17e28e2d9e72bf8be773bb92828e57912cdd0a6ec35fe244069a5fdaf3be8cfe3997c403ea551b81be5708dd80c6eb5f6e458
Score

1^/10
behavioral4
- Target
  
  SysApps/benchmark_1M.cmd
- Size
  
  55B
- MD5
  
  4cc3ab4b68dc35959e289f4c7562e909
- SHA1
  
  c88098544439d41013eaaa7e31d2ed68ddd9c874
- SHA256
  
  8d26568f8d874053ad68dd1f4510a85ae61045e0945c33599dabd461fae7e835
- SHA512
  
  858f12ac880d4b794110ac21ca77a56933a781383a435a23b2e58d3925208f712424e691f90b1ee8a8f5c459c19969ef39a609ac4ddbcc5f4d98ed4dc1f17bb5
Score

1^/10
behavioral5
- Target
  
  SysApps/config.json
- Size
  
  3KB
- MD5
  
  eb4a9882d544f7840677ac246459407d
- SHA1
  
  845ea4096c35f5e96cfd7cea18daaa8bd3ed8966
- SHA256
  
  03e79f8a26a3b0d99f159dc4a3aeebb3e36a65c61b239a839e4a4b8dc9774edb
- SHA512
  
  cdae281da81aaa536517b44b32d507c77fe67f9da2a9a40dfee8c92264f156e1559191731e8cfbb002150641bfa19486238cd22303b99d544a3d3dc070a2ed31
Score

3^/10
behavioral6
- Target
  
  SysApps/pool_mine_example.cmd
- Size
  
  1KB
- MD5
  
  e7e82ca383d5c8db7d12f5770d04e2a3
- SHA1
  
  8e0f5111f4e0d95a606a0a434a03f15d6c118b04
- SHA256
  
  02ed7c9449e9f7c92709edc9e687e66c0e5ab012196eb90ef5071a2d698af62e
- SHA512
  
  40b14adab0f0d1374001e5d754f97e902c448190c3580b3a028f0ca1c16e52bc625292e85ee90a652dadda689c83877269962935b5d7382186c84a0df2fa50b8
Score

1^/10
behavioral7
- Target
  
  SysApps/rtm_ghostrider_example.cmd
- Size
  
  1KB
- MD5
  
  9b7762432e3ab03dc49b1989ec7b8d1c
- SHA1
  
  ac7f0df988b00f665e29c6204866d8ba4cc18b5f
- SHA256
  
  bfcef8b9791893a58f4a999190e83d8426a6d1be6b7ee9ccd8bd06f5e55d314d
- SHA512
  
  920f6c7cb3f95c82ec7a97314166c7a7165ee4d6d658c70d64f6528515dd7b10e9d0c28f91fa958b47663d854fa8037ec2ca8368e7d550f5f2c49a16504ffa88
Score

1^/10
behavioral8
- Target
  
  SysApps/solo_mine_example.cmd
- Size
  
  815B
- MD5
  
  9a6e73e55c32bb8db34e599a8ae176a3
- SHA1
  
  bf4b8811a649529fd821fdee9236622cd1d4ad3d
- SHA256
  
  6e87f8c30fe0ef0035227ed01d3824223b72c9a196bdcd3202bb0a533d0ea804
- SHA512
  
  aefca1b39751dd5caf3050c8e2dbe0a53ac2d0d14d9178ae10e7b33af256a30fc7522884c1ad5fcfca83fd18aed5bd05c350bbb103bf597ac00fe33b220a53b0
Score

1^/10
behavioral9
- Target
  
  SysApps/start.cmd
- Size
  
  102B
- MD5
  
  b16db6e30e95f6bfdda6855e24e89452
- SHA1
  
  ed88e3c582a1442de870cf8bc308883d06864607
- SHA256
  
  ba9d55198ba50f3cbad464d29414feb17037e8de0dd1d048a8c0103d1142e750
- SHA512
  
  2dc8372df56ede3d652f51d8947165698c7d33aa8b6ac14785ea52645f6f3699d2e824e0590fc81f7dcf16095c71d97d020abc3b471eb730e4306d291f8c10fb
Score

5^/10
- Drops file in System32 directory
behavioral10
- Target
  
  SysApps/xmrig.exe
- Size
  
  7.8MB
- MD5
  
  6f4532e49d65c2be0355b222f96e06e8
- SHA1
  
  268e90ce25e01bbb205f6ae3f493f8da36a61480
- SHA256
  
  acaf8e844ef7f4f65033ebe9546c394cc21bce175dac8b59199106309f04e5ab
- SHA512
  
  85f495b0bbd0673df376f44e912f9a0a8d201c2843f1a9efa64d93703a2d8ba2b6fa2638a747e79604715d26ddfc07de26ba43d03adf86290d928b442bf09207
- SSDEEP
  
  98304:D8sOUckgBwr4UyuwShsa+XbcDVa2+N/qyRiXM71ZQkcn4CuJ9KWZVxBJNxg/F5MB:vYwr/xU3rDXWMc85j4eEsoCSCwG
Score

1^/10
behavioral11

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11