xmrig | e3e8c9ca96111a903d7a65b58e2e1c4e1a3b1be7b70f8e5aac1d1db10029532e | Triage

Submit
Reports

Overview

overview

Static

static

3

ioi.exe

windows10-2004-x64

Sharing

General

Target

ioi.exe
Size

2.1MB
Sample

231002-hvj9zsga5x
MD5

5e0016fdfe5a3fa39a24dcc2f96fed5c
SHA1

9f7bc3d476e99906fa9f1b0a5e4f4049a62ed53f
SHA256

e3e8c9ca96111a903d7a65b58e2e1c4e1a3b1be7b70f8e5aac1d1db10029532e
SHA512

cf8e5d25b5e64d9540c754cdeba1f99699a48d04c4963c0e0c2af6e5a9c3d60ee0a07536e3edfea3257d0e900b152f04c2821e94a52a73c7da8fcc97aa2d3c85
SSDEEP

49152:tQH0KnAbpxUR52CuztwNd3u9amjsCd2avSoMelNmR3kER1:aBAbpxURj4wNkwmjdiqNmp1

Score

10^/10

xmrig miner

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ioi.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

11 signatures

1800 seconds

Malware Config

Extracted

Language

ps1

Source

URLs

ps1.dropper

https://yip.su/UpdateSecurity

Targets

- Target
  
  ioi.exe
- Size
  
  2.1MB
- MD5
  
  5e0016fdfe5a3fa39a24dcc2f96fed5c
- SHA1
  
  9f7bc3d476e99906fa9f1b0a5e4f4049a62ed53f
- SHA256
  
  e3e8c9ca96111a903d7a65b58e2e1c4e1a3b1be7b70f8e5aac1d1db10029532e
- SHA512
  
  cf8e5d25b5e64d9540c754cdeba1f99699a48d04c4963c0e0c2af6e5a9c3d60ee0a07536e3edfea3257d0e900b152f04c2821e94a52a73c7da8fcc97aa2d3c85
- SSDEEP
  
  49152:tQH0KnAbpxUR52CuztwNd3u9amjsCd2avSoMelNmR3kER1:aBAbpxURj4wNkwmjdiqNmp1
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy