xmrig | 0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

Sharing

General

Target

0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1
Size

301KB
Sample

230416-fejmeaha35
MD5

b1f5b6125991825cfb4a06104499b3ed
SHA1

c46a5fbbf1f9262fe4d7f08d507ec41de96fc9ae
SHA256

0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1
SHA512

798d1318a82bfaf24f42aaf4fee87c7d148bf9210bb5a889304026b9723520f9972073dbd37ee61f90293e5bba7576911f9a5ef9b5685d56e0ce5fbfc394029c
SSDEEP

6144:ZgKilj8OGsaOzcDLwjaGUxYM8wS3Y3avn4udWglY:ZFit8OGt6cP2ajZPK4ud

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1.exe

Resource

win7-20230220-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1.exe

Resource

win10-20230220-en

windows10-1703-x64

12 signatures

300 seconds

Malware Config

Targets

- Target
  
  0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1
- Size
  
  301KB
- MD5
  
  b1f5b6125991825cfb4a06104499b3ed
- SHA1
  
  c46a5fbbf1f9262fe4d7f08d507ec41de96fc9ae
- SHA256
  
  0baf968b2431209d904281476a75b04188751a3eb130231e6bf2cea552ef17d1
- SHA512
  
  798d1318a82bfaf24f42aaf4fee87c7d148bf9210bb5a889304026b9723520f9972073dbd37ee61f90293e5bba7576911f9a5ef9b5685d56e0ce5fbfc394029c
- SSDEEP
  
  6144:ZgKilj8OGsaOzcDLwjaGUxYM8wS3Y3avn4udWglY:ZFit8OGt6cP2ajZPK4ud
Score

10^/10

xmrig miner
- XMRig Miner payload
  miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy