xmrig | d0b06ca6ece3fef6671fa8acd3d560a9400891abcd10f5cedcfe7bd1e6050dfe | Triage

Submit
Reports

Overview

overview

Static

static

3

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp
Size

10.7MB
Sample

240421-xyqy9shh34
MD5

b091c4848287be6601d720997394d453
SHA1

9180e34175e1f4644d5fa63227d665b2be15c75b
SHA256

d0b06ca6ece3fef6671fa8acd3d560a9400891abcd10f5cedcfe7bd1e6050dfe
SHA512

a3b3663fd343389aee2cbf76f426401d436992b2b56cea3b60e9c2e385510fa874fa45b2ac75703074f0303934c4223eaee1983851374a2e753fd0302042cc5a
SSDEEP

196608:oPnV1Bk/fRaGxUCBIORz5Z2YoZX0tMmp6tgq1D//XxdgPxwdT:oPKfR/UCBF+dZX0tMft/vxdgpG

Score

10^/10

xmrig evasion miner persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20231129-en

xmrig evasion miner persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20240412-en

xmrig evasion miner persistence

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  tmp
- Size
  
  10.7MB
- MD5
  
  b091c4848287be6601d720997394d453
- SHA1
  
  9180e34175e1f4644d5fa63227d665b2be15c75b
- SHA256
  
  d0b06ca6ece3fef6671fa8acd3d560a9400891abcd10f5cedcfe7bd1e6050dfe
- SHA512
  
  a3b3663fd343389aee2cbf76f426401d436992b2b56cea3b60e9c2e385510fa874fa45b2ac75703074f0303934c4223eaee1983851374a2e753fd0302042cc5a
- SSDEEP
  
  196608:oPnV1Bk/fRaGxUCBIORz5Z2YoZX0tMmp6tgq1D//XxdgPxwdT:oPKfR/UCBF+dZX0tMft/vxdgpG
Score

10^/10

xmrig evasion miner persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xmrigevasionminerpersistence

behavioral2

xmrigevasionminerpersistence

© 2018-2024

Terms | Privacy