xmrig | 98c99bc79acfad3e75ef8307ce42e2d0ef09de8bd82009215550aaae984c1e27 | Triage

Submit
Reports

Overview

overview

Static

static

7

02a98b92d5...18.exe

windows7-x64

02a98b92d5...18.exe

windows10-2004-x64

Sharing

General

Target

02a98b92d5827c2b27d2f5e0c3d7422a_JaffaCakes118
Size

5.7MB
Sample

240427-hlz9vadc96
MD5

02a98b92d5827c2b27d2f5e0c3d7422a
SHA1

6ecf3d089bda0a9b168f3a8fa9f782d1fd67e502
SHA256

98c99bc79acfad3e75ef8307ce42e2d0ef09de8bd82009215550aaae984c1e27
SHA512

b4db3d9de24c4d14fbbc91ea8c6a8ae1f725d149cc17bfef190326bdf216eab3299e93bbc286e649cda122e82b2507fcbb54f20d5446669a95f945ff42ebf4e7
SSDEEP

98304:XAEe6gZaY57jzaOkW/7UQ2VprDdSFlmXCkBmfMtOlThkY:QE3qaY5TUW92VWFEXC6mUQThX

Score

10^/10

xmrig miner upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

02a98b92d5827c2b27d2f5e0c3d7422a_JaffaCakes118.exe

Resource

win7-20231129-en

xmrig miner upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

02a98b92d5827c2b27d2f5e0c3d7422a_JaffaCakes118.exe

Resource

win10v2004-20240426-en

xmrig miner upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  02a98b92d5827c2b27d2f5e0c3d7422a_JaffaCakes118
- Size
  
  5.7MB
- MD5
  
  02a98b92d5827c2b27d2f5e0c3d7422a
- SHA1
  
  6ecf3d089bda0a9b168f3a8fa9f782d1fd67e502
- SHA256
  
  98c99bc79acfad3e75ef8307ce42e2d0ef09de8bd82009215550aaae984c1e27
- SHA512
  
  b4db3d9de24c4d14fbbc91ea8c6a8ae1f725d149cc17bfef190326bdf216eab3299e93bbc286e649cda122e82b2507fcbb54f20d5446669a95f945ff42ebf4e7
- SSDEEP
  
  98304:XAEe6gZaY57jzaOkW/7UQ2VprDdSFlmXCkBmfMtOlThkY:QE3qaY5TUW92VWFEXC6mUQThX
Score

10^/10

xmrig miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy