xmrig | 9151e8f43f29772128e76d48d2cb94a7ad1bd114bf554c47309396a7b1d14e47 | Triage

Submit
Reports

Overview

overview

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file
Size

2.5MB
Sample

240203-yb7tyagge2
MD5

38c0b2afe8b84b4efdb667c28a8b1e7a
SHA1

9280a53dac98d2076398e1d40d185232d456d3b3
SHA256

9151e8f43f29772128e76d48d2cb94a7ad1bd114bf554c47309396a7b1d14e47
SHA512

238a03bdcfde97f86d1494436e856f4ec1aa5299e09be8aff207566deb280c9c516581651bd1d0b5808c7049a43227a368341e646c455f8b361e0d1c0946ea09
SSDEEP

49152:FjLWoR4/RmuZ7KVMxGBJCf0fXyhErbWrZJHsfoGqepCEEbHkN2:JLWS4/RmGK6wzCf0yErb2ZJHYoGqep7j

Score

10^/10

xmrig evasion miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20231215-en

xmrig evasion miner persistence upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20231222-en

xmrig evasion miner persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  file
- Size
  
  2.5MB
- MD5
  
  38c0b2afe8b84b4efdb667c28a8b1e7a
- SHA1
  
  9280a53dac98d2076398e1d40d185232d456d3b3
- SHA256
  
  9151e8f43f29772128e76d48d2cb94a7ad1bd114bf554c47309396a7b1d14e47
- SHA512
  
  238a03bdcfde97f86d1494436e856f4ec1aa5299e09be8aff207566deb280c9c516581651bd1d0b5808c7049a43227a368341e646c455f8b361e0d1c0946ea09
- SSDEEP
  
  49152:FjLWoR4/RmuZ7KVMxGBJCf0fXyhErbWrZJHsfoGqepCEEbHkN2:JLWS4/RmGK6wzCf0yErb2ZJHYoGqep7j
Score

10^/10

xmrig evasion miner persistence upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

xmrigevasionminerpersistenceupx

behavioral2

xmrigevasionminerpersistenceupx

© 2018-2025

Terms | Privacy