xmrig | 91eb4acd7e16923cc03e7c148d3ba5f0bb6af34f566c52976767f316a80d8935 | Triage

Submit
Reports

Overview

overview

Static

static

1

setup.exe

windows7-x64

setup.exe

windows10-2004-x64

Sharing

General

Target

setup.exe
Size

3.4MB
Sample

230402-atgtgadf68
MD5

5b960890ed6518af295dc6a18129549d
SHA1

309c4a765aed75b2a8dd07c5aba9eb026ec1f2ca
SHA256

91eb4acd7e16923cc03e7c148d3ba5f0bb6af34f566c52976767f316a80d8935
SHA512

46e82e413a04b1d749b223c695283f336147161a15f4b4ae3111ae565e7c6846cb4c65122405b07e8ef7ebd85966897908c03ace1964785a6da0eca111613a07
SSDEEP

98304:hK1xSdXvKNmorEZCXZcVrx5EibycA63ZZQi/hmnbpHWK:amohXZyTl+d63pmVF

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

setup.exe

Resource

win7-20230220-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

setup.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  setup.exe
- Size
  
  3.4MB
- MD5
  
  5b960890ed6518af295dc6a18129549d
- SHA1
  
  309c4a765aed75b2a8dd07c5aba9eb026ec1f2ca
- SHA256
  
  91eb4acd7e16923cc03e7c148d3ba5f0bb6af34f566c52976767f316a80d8935
- SHA512
  
  46e82e413a04b1d749b223c695283f336147161a15f4b4ae3111ae565e7c6846cb4c65122405b07e8ef7ebd85966897908c03ace1964785a6da0eca111613a07
- SSDEEP
  
  98304:hK1xSdXvKNmorEZCXZcVrx5EibycA63ZZQi/hmnbpHWK:amohXZyTl+d63pmVF
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy