xmrig | 83a324111ace2b17e6b5d1e561cd2c3a640ac8e1e548351990e985ddb097ccef | Triage

Submit
Reports

Overview

overview

Static

static

3

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp
Size

2.5MB
Sample

231210-wx953shfdj
MD5

57ffc58217a06cee47323a2fdf337da4
SHA1

a68e4d48bf9cb79adfac09808a49a1dca11aa5b9
SHA256

83a324111ace2b17e6b5d1e561cd2c3a640ac8e1e548351990e985ddb097ccef
SHA512

bc073cd8dcaaf51a006b930036ca8aced6cdcb1dfe6ec55b9089375156a8cd34658ba18c3b3400ccbe470693493812c9afb8992ed9aa7446d9d6605b4bc25f4e
SSDEEP

49152:dTNaLsxLy06NWtWN1u9Ij18Ca5Ym0+XezmIoq9sWIOCY3h3zUeW7tesTex9Xr:5NtWLNW+49A8C3mpemp/8dzU77teN

Score

10^/10

xmrig evasion miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20231025-en

xmrig evasion miner persistence upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20231127-en

xmrig evasion miner persistence upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  tmp
- Size
  
  2.5MB
- MD5
  
  57ffc58217a06cee47323a2fdf337da4
- SHA1
  
  a68e4d48bf9cb79adfac09808a49a1dca11aa5b9
- SHA256
  
  83a324111ace2b17e6b5d1e561cd2c3a640ac8e1e548351990e985ddb097ccef
- SHA512
  
  bc073cd8dcaaf51a006b930036ca8aced6cdcb1dfe6ec55b9089375156a8cd34658ba18c3b3400ccbe470693493812c9afb8992ed9aa7446d9d6605b4bc25f4e
- SSDEEP
  
  49152:dTNaLsxLy06NWtWN1u9Ij18Ca5Ym0+XezmIoq9sWIOCY3h3zUeW7tesTex9Xr:5NtWLNW+49A8C3mpemp/8dzU77teN
Score

10^/10

xmrig evasion miner persistence upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

xmrigevasionminerpersistenceupx

behavioral2

xmrigevasionminerpersistenceupx

© 2018-2025

Terms | Privacy