xmrig | 707e0e6e46b10ddbddaa496b1cf36b1217285c804e708ee3287f8c0704b8e6dd | Triage

Submit
Reports

Overview

overview

Static

static

3

c4ab683fb4...4d.exe

windows7-x64

c4ab683fb4...4d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c4ab683fb45be6bdc8ed389e4ba51f4d
Size

329KB
Sample

240313-cap2vahd4s
MD5

c4ab683fb45be6bdc8ed389e4ba51f4d
SHA1

3e2fc935ac614ebd1b59db08f40f52e54fb45671
SHA256

707e0e6e46b10ddbddaa496b1cf36b1217285c804e708ee3287f8c0704b8e6dd
SHA512

f16e14acd1fb9d455e202498f232860948a517dd1673b41bfc23714816bf0cc416f9d4167020eb25e5b75d3b8ebcc3ed4d15e67b9dda1f99967cbadd7e193ccd
SSDEEP

3072:W0NylrNuanGPdHbRKhH8z0+zSz/R+uMGDcyw:W0U5UPd7RKR8z0+zSzpBPDcy

Score

10^/10

xmrig miner

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c4ab683fb45be6bdc8ed389e4ba51f4d.exe

Resource

win7-20240221-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

c4ab683fb45be6bdc8ed389e4ba51f4d.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  c4ab683fb45be6bdc8ed389e4ba51f4d
- Size
  
  329KB
- MD5
  
  c4ab683fb45be6bdc8ed389e4ba51f4d
- SHA1
  
  3e2fc935ac614ebd1b59db08f40f52e54fb45671
- SHA256
  
  707e0e6e46b10ddbddaa496b1cf36b1217285c804e708ee3287f8c0704b8e6dd
- SHA512
  
  f16e14acd1fb9d455e202498f232860948a517dd1673b41bfc23714816bf0cc416f9d4167020eb25e5b75d3b8ebcc3ed4d15e67b9dda1f99967cbadd7e193ccd
- SSDEEP
  
  3072:W0NylrNuanGPdHbRKhH8z0+zSz/R+uMGDcyw:W0U5UPd7RKR8z0+zSzpBPDcy
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy