xmrig | b6622a436cb33c1ee6a116580b12a39097eb4d566137705060e8bc3d02d2e43e | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

b6622a436cb33c1ee6a116580b12a39097eb4d566137705060e8bc3d02d2e43e
Size

3.4MB
Sample

230328-jxww8shg37
MD5

529ecbed8bf3ff5e1c4b613f36ab4758
SHA1

f84b7a020c221879744427f34c1957b4a52fc998
SHA256

b6622a436cb33c1ee6a116580b12a39097eb4d566137705060e8bc3d02d2e43e
SHA512

61cf4580182d4bbfe294589eaf1d1b0c9d4fdbc26a18e5b2e0dee1e4284a3e63cad5685fb79588b1cd9032c7cdfc109287276284c631540cd50b1786b05ea400
SSDEEP

98304:OK1xSdXvKNmorEZCXZcVrx5EibycA63ZZQi/hmnbpHWw:xmohXZyTl+d63pmVb

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

b6622a436cb33c1ee6a116580b12a39097eb4d566137705060e8bc3d02d2e43e.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  b6622a436cb33c1ee6a116580b12a39097eb4d566137705060e8bc3d02d2e43e
- Size
  
  3.4MB
- MD5
  
  529ecbed8bf3ff5e1c4b613f36ab4758
- SHA1
  
  f84b7a020c221879744427f34c1957b4a52fc998
- SHA256
  
  b6622a436cb33c1ee6a116580b12a39097eb4d566137705060e8bc3d02d2e43e
- SHA512
  
  61cf4580182d4bbfe294589eaf1d1b0c9d4fdbc26a18e5b2e0dee1e4284a3e63cad5685fb79588b1cd9032c7cdfc109287276284c631540cd50b1786b05ea400
- SSDEEP
  
  98304:OK1xSdXvKNmorEZCXZcVrx5EibycA63ZZQi/hmnbpHWw:xmohXZyTl+d63pmVb
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy