xmrig | d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3 | Triage

Submit
Reports

Overview

overview

Static

static

d6e1c101bf...b3.exe

windows7-x64

d6e1c101bf...b3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3
Size

3.4MB
Sample

240313-btjthagf3t
MD5

c6dabdb0013abe22f675cb20952c5a12
SHA1

2040cd8fcfac625d64b46353cc629fba709023e3
SHA256

d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3
SHA512

56feeacb8090bcb2a70c912f8bea6804ff1a5a090796122a98c119ccf20949cb02a49f3b4e18c5b989c80e64993faf613077080c2a8c044d6293d4bd6c119553
SSDEEP

98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWD:SbBeSFkX

Score

10^/10

xmrig miner upx

Static task

static1

miner upx xmrig

6 signatures

Behavioral task

behavioral1

Sample

d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3.exe

Resource

win7-20240221-en

xmrig miner upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3.exe

Resource

win10v2004-20240226-en

xmrig miner upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3
- Size
  
  3.4MB
- MD5
  
  c6dabdb0013abe22f675cb20952c5a12
- SHA1
  
  2040cd8fcfac625d64b46353cc629fba709023e3
- SHA256
  
  d6e1c101bfdca4c285c381d35575c60a2efdbf7dd987d387fae0e740123702b3
- SHA512
  
  56feeacb8090bcb2a70c912f8bea6804ff1a5a090796122a98c119ccf20949cb02a49f3b4e18c5b989c80e64993faf613077080c2a8c044d6293d4bd6c119553
- SSDEEP
  
  98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWD:SbBeSFkX
Score

10^/10

xmrig miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Detects executables containing URLs to raw contents of a Github gist
- UPX dump on OEP (original entry point)
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy