xmrig

Resubmissions

09/04/2024, 09:54

240409-lxl35sca92 10

09/04/2024, 09:54

09/04/2024, 09:54

09/04/2024, 09:54

04/02/2024, 03:40

Sharing

Copy URL Twitter E-mail

General

Target

ddf5992a22e591cae17174a449440242ca2d202f54c075595e3c2424a37a89bc
Size

15.9MB
Sample

240409-lxk6vafd5y
MD5

d4e64ab0ff97f98ee52336a12f8a866b
SHA1

142dbab8c142028dee1246406f00d78ee996a928
SHA256

ddf5992a22e591cae17174a449440242ca2d202f54c075595e3c2424a37a89bc
SHA512

2930de9b2ffca5225d94d24029fdd2cbfc1d71602aff4d85ddbb6d0d54121e6da5d48c773b152753a67ef9e2d97e63d867955024bd5587e7fed7339e3bece7e0
SSDEEP

393216:kIGjY9luLMWNVAgidNUDUDeElrCakFLrffXZh5:JGj4lu4WfAgSUDYrCRFvN

Score

10^/10

xmrig miner

Malware Config

Targets

- Target
  
  ddf5992a22e591cae17174a449440242ca2d202f54c075595e3c2424a37a89bc
- Size
  
  15.9MB
- MD5
  
  d4e64ab0ff97f98ee52336a12f8a866b
- SHA1
  
  142dbab8c142028dee1246406f00d78ee996a928
- SHA256
  
  ddf5992a22e591cae17174a449440242ca2d202f54c075595e3c2424a37a89bc
- SHA512
  
  2930de9b2ffca5225d94d24029fdd2cbfc1d71602aff4d85ddbb6d0d54121e6da5d48c773b152753a67ef9e2d97e63d867955024bd5587e7fed7339e3bece7e0
- SSDEEP
  
  393216:kIGjY9luLMWNVAgidNUDUDeElrCakFLrffXZh5:JGj4lu4WfAgSUDYrCRFvN
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

T1053

Persistence

Scheduled Task/Job

T1053

Privilege Escalation

Scheduled Task/Job

T1053

Defense Evasion

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

XMRig Miner payload

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

AutoIT Executable

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4