xmrig | b45152b6f575816c3d86ce8bb35fff917e6535de4ae84c04a4b97970ed0e8109 | Triage

Submit
Reports

Overview

overview

Static

static

1

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

9.8MB
Sample

231009-ptf99seh85
MD5

caa5d4bc40598d0896c79a5ffc90e301
SHA1

7af47a5ca2cc7f422b6bf33620b385fe6899af29
SHA256

b45152b6f575816c3d86ce8bb35fff917e6535de4ae84c04a4b97970ed0e8109
SHA512

95cc5f4bcbd1cb5badc24681e9a4a478e7b484ffe8ad441be86e2fd80a2410cf67e39d5c548227d18babf6c7c0fb58b5e680ea662c039b6f6c09ae11324676a1
SSDEEP

196608:plXsEIej17HAGQkOYj6Tr71XILoqW0wRbGypipMtCTC+K:plXsnGQfYCIluRpipMtCTCl

Score

10^/10

xmrig evasion miner

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20230831-en

xmrig evasion miner

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20230915-en

xmrig evasion miner

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  9.8MB
- MD5
  
  caa5d4bc40598d0896c79a5ffc90e301
- SHA1
  
  7af47a5ca2cc7f422b6bf33620b385fe6899af29
- SHA256
  
  b45152b6f575816c3d86ce8bb35fff917e6535de4ae84c04a4b97970ed0e8109
- SHA512
  
  95cc5f4bcbd1cb5badc24681e9a4a478e7b484ffe8ad441be86e2fd80a2410cf67e39d5c548227d18babf6c7c0fb58b5e680ea662c039b6f6c09ae11324676a1
- SSDEEP
  
  196608:plXsEIej17HAGQkOYj6Tr71XILoqW0wRbGypipMtCTC+K:plXsnGQfYCIluRpipMtCTCl
Score

10^/10

xmrig evasion miner
- Suspicious use of NtCreateUserProcessOtherParentProcess
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

xmrigevasionminer

behavioral2

xmrigevasionminer

© 2018-2025

Terms | Privacy