xmrig | 2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2 | Triage

Submit
Reports

Overview

overview

Static

static

2a891860e0...c2.exe

windows7-x64

2a891860e0...c2.exe

windows10-2004-x64

Sharing

General

Target

2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2
Size

2.1MB
Sample

240325-weld1ahd2v
MD5

77cc4401a536d1a63ec6b5bb02bf3dba
SHA1

d4fffd11d05612a07c569e1c966a74f3cd617ff0
SHA256

2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2
SHA512

7729ec8e8d5a8b4d3fb6f2c10594cce129d16966ecbc166acc39da9956bb22dcd0bcd98927cd934f4a6bfd28bb58196df4d1f2774250f3cf77685594d9ff24be
SSDEEP

49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82S5k7c2lcA:NABz

Score

10^/10

xmrig miner upx

Static task

static1

upx miner xmrig

6 signatures

Behavioral task

behavioral1

Sample

2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2.exe

Resource

win7-20240319-en

xmrig miner upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2.exe

Resource

win10v2004-20240319-en

xmrig miner upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2
- Size
  
  2.1MB
- MD5
  
  77cc4401a536d1a63ec6b5bb02bf3dba
- SHA1
  
  d4fffd11d05612a07c569e1c966a74f3cd617ff0
- SHA256
  
  2a891860e0f0dcc54f596dae62e30acbc7a7e765c46673e74fd29f493524aec2
- SHA512
  
  7729ec8e8d5a8b4d3fb6f2c10594cce129d16966ecbc166acc39da9956bb22dcd0bcd98927cd934f4a6bfd28bb58196df4d1f2774250f3cf77685594d9ff24be
- SSDEEP
  
  49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82S5k7c2lcA:NABz
Score

10^/10

xmrig miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Detects executables containing URLs to raw contents of a Github gist
- UPX dump on OEP (original entry point)
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy