xmrig | 7ece8e0973bdd09081b496e90d84e88152a60bfdd98123372fc3aed1c9d49863 | Triage

Submit
Reports

Overview

overview

Static

static

1f1f27deff...18.exe

windows7-x64

1f1f27deff...18.exe

windows10-2004-x64

Sharing

General

Target

1f1f27deffe539d99e12d720f1fbd7da_JaffaCakes118
Size

5.2MB
Sample

240329-l2xensfc77
MD5

1f1f27deffe539d99e12d720f1fbd7da
SHA1

a021497f416dded6636e88d8955a3a7632fbfcf2
SHA256

7ece8e0973bdd09081b496e90d84e88152a60bfdd98123372fc3aed1c9d49863
SHA512

2c4f8b7cf581a3ca57d7463e410a9f58bb484fef0708f15106db4c1601ebda739eef5bde96bad48e38367d53637a3deac94443d6fbf8b3d907b8838e054b1522
SSDEEP

98304:5L6uEe3WyV1kpTAuLz2LgdOnV5N2Vv9Pe11dHO2:5oe3Wy/qEuLz20ne1DHO2

Score

10^/10

xmrig miner persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

1f1f27deffe539d99e12d720f1fbd7da_JaffaCakes118.exe

Resource

win7-20240319-en

xmrig miner persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f1f27deffe539d99e12d720f1fbd7da_JaffaCakes118.exe

Resource

win10v2004-20240226-en

xmrig miner persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  1f1f27deffe539d99e12d720f1fbd7da_JaffaCakes118
- Size
  
  5.2MB
- MD5
  
  1f1f27deffe539d99e12d720f1fbd7da
- SHA1
  
  a021497f416dded6636e88d8955a3a7632fbfcf2
- SHA256
  
  7ece8e0973bdd09081b496e90d84e88152a60bfdd98123372fc3aed1c9d49863
- SHA512
  
  2c4f8b7cf581a3ca57d7463e410a9f58bb484fef0708f15106db4c1601ebda739eef5bde96bad48e38367d53637a3deac94443d6fbf8b3d907b8838e054b1522
- SSDEEP
  
  98304:5L6uEe3WyV1kpTAuLz2LgdOnV5N2Vv9Pe11dHO2:5oe3Wy/qEuLz20ne1DHO2
Score

10^/10

xmrig miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xmrigminerpersistence

behavioral2

xmrigminerpersistence

© 2018-2024

Terms | Privacy