loaderbot | f68ce7141201ab26841498cf062755f2fdd31e6cf66655a2c3aa3ef70ca0a668 | Triage

Submit
Reports

Overview

overview

Static

static

1

c1c8343106...d2.exe

windows7-x64

c1c8343106...d2.exe

windows10-2004-x64

Sharing

General

Target

c1c83431067ad5f303a53e552808f9d2
Size

1.9MB
Sample

231228-egn48sheb2
MD5

c1c83431067ad5f303a53e552808f9d2
SHA1

f095b539cb596cd1ab22c8a8ac5debf32fd4f957
SHA256

f68ce7141201ab26841498cf062755f2fdd31e6cf66655a2c3aa3ef70ca0a668
SHA512

4cb736146314af22b60866a2cde96947b7f1b80bd7e24048f098ee28bd7e92383daeab2b6b20ba3043a9a3173eea6464d5023469aed5e35901d6027754ab9b37
SSDEEP

49152:pgM2OSAUhB0ETI++BrpMLdDQXWb+FPWRH:aM2DD5IhBrpCFQXk+FPWR

Score

10^/10

loaderbot xmrig loader miner persistence

Static task

static1

Behavioral task

behavioral1

Sample

c1c83431067ad5f303a53e552808f9d2.exe

Resource

win7-20231215-en

loaderbot xmrig loader miner

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c1c83431067ad5f303a53e552808f9d2.exe

Resource

win10v2004-20231222-en

loaderbot xmrig loader miner persistence

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  c1c83431067ad5f303a53e552808f9d2
- Size
  
  1.9MB
- MD5
  
  c1c83431067ad5f303a53e552808f9d2
- SHA1
  
  f095b539cb596cd1ab22c8a8ac5debf32fd4f957
- SHA256
  
  f68ce7141201ab26841498cf062755f2fdd31e6cf66655a2c3aa3ef70ca0a668
- SHA512
  
  4cb736146314af22b60866a2cde96947b7f1b80bd7e24048f098ee28bd7e92383daeab2b6b20ba3043a9a3173eea6464d5023469aed5e35901d6027754ab9b37
- SSDEEP
  
  49152:pgM2OSAUhB0ETI++BrpMLdDQXWb+FPWRH:aM2DD5IhBrpCFQXk+FPWR
Score

10^/10

loaderbot xmrig loader miner persistence
- LoaderBot
  LoaderBot is a loader written in .NET downloading and executing miners.
  loader miner loaderbot
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- LoaderBot executable
- XMRig Miner payload
  miner
- Drops startup file
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

loaderbotxmrigloaderminer

behavioral2

loaderbotxmrigloaderminerpersistence

© 2018-2025

Terms | Privacy