xmrig | ad8302cc27bcb2b8701aa1cce10c6b08ebef18aee1c77853e6d76a90558957f0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

ad8302cc27bcb2b8701aa1cce10c6b08ebef18aee1c77853e6d76a90558957f0
Size

3.4MB
Sample

230202-k9r99ahe9x
MD5

2e650376cd95f186c48b3c2a55e73129
SHA1

db0dd8ab08d23e64d4ade4c0f9e900252fcaa4d7
SHA256

ad8302cc27bcb2b8701aa1cce10c6b08ebef18aee1c77853e6d76a90558957f0
SHA512

ef241f8bdff2bd9d2bf7c2c86e715fcdcda0bad3578bbaffd540c916394e1b33f1cf6664001dd687adefb51fae4fe70a384b5d2291777fc5038a98fbded74265
SSDEEP

98304:/dHXuzq3zvG40UcGwOI54HPXVk79/Cyf31DA0R:F3uzczaUx/I54H/0/

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

ad8302cc27bcb2b8701aa1cce10c6b08ebef18aee1c77853e6d76a90558957f0.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad8302cc27bcb2b8701aa1cce10c6b08ebef18aee1c77853e6d76a90558957f0
- Size
  
  3.4MB
- MD5
  
  2e650376cd95f186c48b3c2a55e73129
- SHA1
  
  db0dd8ab08d23e64d4ade4c0f9e900252fcaa4d7
- SHA256
  
  ad8302cc27bcb2b8701aa1cce10c6b08ebef18aee1c77853e6d76a90558957f0
- SHA512
  
  ef241f8bdff2bd9d2bf7c2c86e715fcdcda0bad3578bbaffd540c916394e1b33f1cf6664001dd687adefb51fae4fe70a384b5d2291777fc5038a98fbded74265
- SSDEEP
  
  98304:/dHXuzq3zvG40UcGwOI54HPXVk79/Cyf31DA0R:F3uzczaUx/I54H/0/
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- XMRig Miner payload
  miner
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Scripting

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy