xmrig | 9ce775734b47d214e97b659997419b6f08ed83988d3f6e853b8ee2f0306a0a4c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

ejecutable.exe

windows7-x64

ejecutable.exe

windows10-2004-x64

Sharing

General

Target

ejecutable.exe
Size

9.8MB
Sample

240405-a71hqsga78
MD5

fd8d4e6fc696f111119fd0bdb615005e
SHA1

2cee425a78c2c30db1db92ecab39a91afe1e0321
SHA256

9ce775734b47d214e97b659997419b6f08ed83988d3f6e853b8ee2f0306a0a4c
SHA512

91eed4cae6a2c14dbb70bf6e026d7789b534557e3141a7f6698f406fc0dde8be5235799fdc7618c630ae6c1cf84d8042ed0579ccb6fb969789df7a88eb245fe9
SSDEEP

98304:t5i+bn565ESeSgza8U1S9UpjXOfEQ502MSQeVlIonoOvv7NpF8K:t5/bnA5neSgzXU8+E50moOvv7Nr8K

Score

10^/10

xmrig discovery evasion miner persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ejecutable.exe

Resource

win7-20240221-en

xmrig discovery evasion miner persistence

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

ejecutable.exe

Resource

win10v2004-20240226-en

xmrig discovery evasion miner persistence

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  ejecutable.exe
- Size
  
  9.8MB
- MD5
  
  fd8d4e6fc696f111119fd0bdb615005e
- SHA1
  
  2cee425a78c2c30db1db92ecab39a91afe1e0321
- SHA256
  
  9ce775734b47d214e97b659997419b6f08ed83988d3f6e853b8ee2f0306a0a4c
- SHA512
  
  91eed4cae6a2c14dbb70bf6e026d7789b534557e3141a7f6698f406fc0dde8be5235799fdc7618c630ae6c1cf84d8042ed0579ccb6fb969789df7a88eb245fe9
- SSDEEP
  
  98304:t5i+bn565ESeSgza8U1S9UpjXOfEQ502MSQeVlIonoOvv7NpF8K:t5/bnA5neSgzXU8+E50moOvv7Nr8K
Score

10^/10

xmrig discovery evasion miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Contacts a large (41041) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

xmrigdiscoveryevasionminerpersistence

behavioral2

xmrigdiscoveryevasionminerpersistence

© 2018-2025

Terms | Privacy