xmrig | d0948a1363acdb079ffdccf292ef54ed3737c04dfff5c0cbcffd0930e243c291 | Triage

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 05:31

Sharing

Report Analysis Logs

General

Target

0827a44c3a91470fd5fbc761f7513e86.exe
Size

1.9MB
MD5

0827a44c3a91470fd5fbc761f7513e86
SHA1

d1f1b71e874be9f21c6bb572c06c830402831855
SHA256

d0948a1363acdb079ffdccf292ef54ed3737c04dfff5c0cbcffd0930e243c291
SHA512

9e4bdee1a49ca8b5d695cef192a475eac9e063c4dc49a9a4d44ff779c5ebc18b094cd4ad5aa257cb0db0a0adf4f7de3423bf1cbbee17eff2a6a076e392b1225a
SSDEEP

49152:dezaTF8FcNkNdfE0pZ9oztQwI35aIwC+A8JhYZy8:demTLkNdfE0pZ3Z

Score

10^/10

xmrig miner upx

Malware Config

Signatures

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

resource	yara_rule
behavioral2/memory/1912-0-0x00007FF774D10000-0x00007FF775064000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1912-0-0x00007FF774D10000-0x00007FF775064000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\0827a44c3a91470fd5fbc761f7513e86.exe
"C:\Users\Admin\AppData\Local\Temp\0827a44c3a91470fd5fbc761f7513e86.exe"
1⤵
PID:1912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1912-0-0x00007FF774D10000-0x00007FF775064000-memory.dmp

Filesize
3.3MB

Download