xmrig | a8ae29395e8234f4d2a35a88ff8d34b353c716d81d0d7e05eacc5d4e2a2aacc8 | Triage

Submit
Reports

Overview

overview

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file
Size

2.5MB
Sample

240203-3dj8waccd7
MD5

f44f200e7d7f8ae6035b382a2a4240dd
SHA1

8f11e6d44050813db4aa6ba0971ab873cc3ad797
SHA256

a8ae29395e8234f4d2a35a88ff8d34b353c716d81d0d7e05eacc5d4e2a2aacc8
SHA512

193781602d1768e170dd9ed149fd07fe72f84789a7d25fe59ad62555f381e7470b4d30866609cf4a387834ed7fda7a2a552d8654117c5dea5cf3288b58c68a39
SSDEEP

49152:3hU0Vy41dosEvIMf9FhcBYFUjeCnfDCvNb2aeP4mN:RU0zPoTvIYnh8vIlq

Score

10^/10

xmrig evasion miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20231215-en

xmrig evasion miner persistence upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20231222-en

xmrig evasion miner persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  file
- Size
  
  2.5MB
- MD5
  
  f44f200e7d7f8ae6035b382a2a4240dd
- SHA1
  
  8f11e6d44050813db4aa6ba0971ab873cc3ad797
- SHA256
  
  a8ae29395e8234f4d2a35a88ff8d34b353c716d81d0d7e05eacc5d4e2a2aacc8
- SHA512
  
  193781602d1768e170dd9ed149fd07fe72f84789a7d25fe59ad62555f381e7470b4d30866609cf4a387834ed7fda7a2a552d8654117c5dea5cf3288b58c68a39
- SSDEEP
  
  49152:3hU0Vy41dosEvIMf9FhcBYFUjeCnfDCvNb2aeP4mN:RU0zPoTvIYnh8vIlq
Score

10^/10

xmrig evasion miner persistence upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

xmrigevasionminerpersistenceupx

behavioral2

xmrigevasionminerpersistenceupx

© 2018-2024

Terms | Privacy