Overview

overview

10

Static

static

7

8e1424c126...9f.exe

windows7-x64

10

8e1424c126...9f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/02/2024, 03:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8e1424c1266b3c063b5714ed03b19f9f.exe

  • Size

    784KB

  • MD5

    8e1424c1266b3c063b5714ed03b19f9f

  • SHA1

    b83105b2888191f8bde0c5410ef75c53588345c3

  • SHA256

    75152753ef11ad5d90fab5e093b2d7a9776c7d59acef8603e74f1e59799475ac

  • SHA512

    f273aa8e3f2ef6971656211d3390bceed0754048ba1c98a877cfccbb4ca8a1e10c41d6a686e0206167f43d3dff0f6ac9af08d366a7da66155205ec3a9330a6be

  • SSDEEP

    24576:SZYh3MTc8Gd5sRx1sr79uaZ0vYo82oHeUi:SwMboox1srhuaOB8NG

Score
10/10
xmrigminerupx

Malware Config

Signatures

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig
  • XMRig Miner payload 7 IoCs
    miner
  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8e1424c1266b3c063b5714ed03b19f9f.exe
    "C:\Users\Admin\AppData\Local\Temp\8e1424c1266b3c063b5714ed03b19f9f.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:4176
    • C:\Users\Admin\AppData\Local\Temp\8e1424c1266b3c063b5714ed03b19f9f.exe
      C:\Users\Admin\AppData\Local\Temp\8e1424c1266b3c063b5714ed03b19f9f.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:4832

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\8e1424c1266b3c063b5714ed03b19f9f.exe
          Filesize

          718KB

          MD5

          2ee198b03f0305b66ae1dd2fd8368fe4

          SHA1

          38d5fd9120669186964358d651184b364e655167

          SHA256

          4c239f28bc8b30c7317b97363ba844de80f8379e6dd5eea787c26abe76ac85b2

          SHA512

          108f462b5b4b29f5fd39952b4606b18ba13a5f666475edea6c93676406d33e9c0b18e08086ed534dfcbe2fd20e2898bdb6a522e4849fd4706393cd64c789df8e

          Download Submit

        • memory/4176-0-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/4176-1-0x0000000001720000-0x00000000017E4000-memory.dmp

          Filesize

          784KB

          Download

        • memory/4176-2-0x0000000000400000-0x0000000000593000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/4176-12-0x0000000000400000-0x0000000000593000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/4832-13-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/4832-15-0x0000000000400000-0x0000000000593000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/4832-14-0x0000000001AE0000-0x0000000001BA4000-memory.dmp

          Filesize

          784KB

          Download

        • memory/4832-20-0x0000000005350000-0x00000000054E3000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/4832-21-0x0000000000400000-0x0000000000587000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/4832-30-0x00000000005A0000-0x000000000071F000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/4832-31-0x0000000000400000-0x0000000000587000-memory.dmp

          Filesize

          1.5MB

          Download