xmrig | bd2da7febe9a4d6a6dcd5dcf886b97915b46fdb5a3bebaf3b31751e1b1781b36

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
21-02-2024 03:47

Target

2024-02-21_bfd17761f961d3d6636db5f25df84ede_cobalt-strike_cobaltstrike.exe
Size

6.0MB
MD5

bfd17761f961d3d6636db5f25df84ede
SHA1

242aa2fd95fd12b0159206ce67c499ba3b3060cf
SHA256

bd2da7febe9a4d6a6dcd5dcf886b97915b46fdb5a3bebaf3b31751e1b1781b36
SHA512

563ed4581de60d8089e510ef8cfe1c3a91604359d03afa8c658362f08819be2d79ee0a8d43a209d45ec8bf5b63ecbe4a9a977848e8d16c13e3185811f399c34d
SSDEEP

98304:EniLf9FdfE0pZB156utgpPFotBER/mQ32lUz:eOl56utgpPF8u/7z

Score

10^/10

xmrig miner upx

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
behavioral2/memory/3316-0-0x00007FF74D1F0000-0x00007FF74D544000-memory.dmp	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/3316-0-0x00007FF74D1F0000-0x00007FF74D544000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3316-0-0x00007FF74D1F0000-0x00007FF74D544000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-02-21_bfd17761f961d3d6636db5f25df84ede_cobalt-strike_cobaltstrike.exe
"C:\Users\Admin\AppData\Local\Temp\2024-02-21_bfd17761f961d3d6636db5f25df84ede_cobalt-strike_cobaltstrike.exe"
1⤵
PID:3316

memory/3316-0-0x00007FF74D1F0000-0x00007FF74D544000-memory.dmp

Filesize
3.3MB

Download