xmrig | 4bd8648e1321262d988f1379ffc4d752dfffd5b0de4b16d2ece6fd5965bca31e | Triage

Submit
Reports

Overview

overview

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

2.5MB
Sample

240203-ycy87abbem
MD5

a23e64ae9179c3bf6a1850591d541b29
SHA1

a2cac962fb9004a523a17251243b49d52046fc1d
SHA256

4bd8648e1321262d988f1379ffc4d752dfffd5b0de4b16d2ece6fd5965bca31e
SHA512

4c0706d8519fc5fff3fa0a32a18b2d027079dd323772db28c9753ae05e1af16072c66c6fadcaf9e13c6703f480174294d353ec0d3e2297145f052c70b43bd403
SSDEEP

49152:LBVf/W4kQiybZloH6WUgJAB+FTB0TH1bEwfUcLfBlJzHpr1StId:NVf/7bbZloHS/B+FTB/wfPnJz/S

Score

10^/10

xmrig evasion miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20231215-en

xmrig evasion miner persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20231215-en

xmrig evasion miner persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  2.5MB
- MD5
  
  a23e64ae9179c3bf6a1850591d541b29
- SHA1
  
  a2cac962fb9004a523a17251243b49d52046fc1d
- SHA256
  
  4bd8648e1321262d988f1379ffc4d752dfffd5b0de4b16d2ece6fd5965bca31e
- SHA512
  
  4c0706d8519fc5fff3fa0a32a18b2d027079dd323772db28c9753ae05e1af16072c66c6fadcaf9e13c6703f480174294d353ec0d3e2297145f052c70b43bd403
- SSDEEP
  
  49152:LBVf/W4kQiybZloH6WUgJAB+FTB0TH1bEwfUcLfBlJzHpr1StId:NVf/7bbZloHS/B+FTB/wfPnJz/S
Score

10^/10

xmrig evasion miner persistence upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

xmrigevasionminerpersistenceupx

behavioral2

xmrigevasionminerpersistenceupx

© 2018-2024

Terms | Privacy