xmrig | 36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab
Size

332KB
Sample

230421-17gnqsac66
MD5

39b70dd3e44ee8f8e2afaa127883de02
SHA1

27aeb37b097321b2840f5c96defbfb765c18ffbd
SHA256

36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab
SHA512

c58d2de62a74cfa187d033ecad2acb31a81b1fa5004e557d4530fb857b72e836c492045ffaa09215c6a9e2d8e9afd317b71ee84d15cff6c9cd549fc20ca95ae9
SSDEEP

6144:+LvyKqZVicRk8q9rWmj9ZYfNqBYLoywEJK+XI7/ib49LZy9:MKKqZcnWmjcfMBifwZjiiLk

Score

10^/10

xmrig miner

Static task

static1

Behavioral task

behavioral1

Sample

36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab.exe

Resource

win7-20230220-en

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab.exe

Resource

win10-20230220-en

windows10-1703-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab
- Size
  
  332KB
- MD5
  
  39b70dd3e44ee8f8e2afaa127883de02
- SHA1
  
  27aeb37b097321b2840f5c96defbfb765c18ffbd
- SHA256
  
  36534145797ac78972987952f9e210532aae1c66b3fe0bca48a769ed8e7739ab
- SHA512
  
  c58d2de62a74cfa187d033ecad2acb31a81b1fa5004e557d4530fb857b72e836c492045ffaa09215c6a9e2d8e9afd317b71ee84d15cff6c9cd549fc20ca95ae9
- SSDEEP
  
  6144:+LvyKqZVicRk8q9rWmj9ZYfNqBYLoywEJK+XI7/ib49LZy9:MKKqZcnWmjcfMBifwZjiiLk
Score

10^/10

xmrig miner
- XMRig Miner payload
  miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy