xmrig | fca0be1fe015589f1a7dee51e9547ea33af274ee1b01f254d372039a5357877f | Triage

Submit
Reports

Overview

overview

Static

static

03cddee91b...18.exe

windows7-x64

03cddee91b...18.exe

windows10-2004-x64

Sharing

General

Target

03cddee91bc517c99bd3f3eb9088ad81_JaffaCakes118
Size

1.8MB
Sample

240427-2rslqsaf4z
MD5

03cddee91bc517c99bd3f3eb9088ad81
SHA1

dc24c5e36222842a1c3f5af7ab74de03c2dc14f4
SHA256

fca0be1fe015589f1a7dee51e9547ea33af274ee1b01f254d372039a5357877f
SHA512

e3dae52a6be7040727563adf12429e15910a8bb5fd88ba884a01b1b53e3fa9621c6545d66f12d87559e75c5290921d625c933b3ba3f596c4270c15ceac6ebaad
SSDEEP

49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SflDrI5a:NABE

Score

10^/10

xmrig miner persistence upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

03cddee91bc517c99bd3f3eb9088ad81_JaffaCakes118.exe

Resource

win7-20231129-en

xmrig miner upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

03cddee91bc517c99bd3f3eb9088ad81_JaffaCakes118.exe

Resource

win10v2004-20240419-en

xmrig miner persistence upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  03cddee91bc517c99bd3f3eb9088ad81_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  03cddee91bc517c99bd3f3eb9088ad81
- SHA1
  
  dc24c5e36222842a1c3f5af7ab74de03c2dc14f4
- SHA256
  
  fca0be1fe015589f1a7dee51e9547ea33af274ee1b01f254d372039a5357877f
- SHA512
  
  e3dae52a6be7040727563adf12429e15910a8bb5fd88ba884a01b1b53e3fa9621c6545d66f12d87559e75c5290921d625c933b3ba3f596c4270c15ceac6ebaad
- SSDEEP
  
  49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SflDrI5a:NABE
Score

10^/10

xmrig miner upx persistence
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistenceupx

© 2018-2024

Terms | Privacy