Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c13c0f88d6...1b.exe

windows7-x64

7

c13c0f88d6...1b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c13c0f88d69f72c9bce3f695c5f3614a0b920d516e2c3c70be297c1688fd141b

  • Size

    2.4MB

  • Sample

    240502-dqnpdshd65

  • MD5

    8a7b8ad4b528f2eee93ca9b2fac2515d

  • SHA1

    d9f0e15be8a8672b08f99a5ded01ad774ff7d24f

  • SHA256

    c13c0f88d69f72c9bce3f695c5f3614a0b920d516e2c3c70be297c1688fd141b

  • SHA512

    ac0c85423063df63f548a3db62a5bfd8b22d3350e0e58a2f2d17321326e8c3df3d1088ba19a4ce57b2544a7f8f00a0a09f2ae86a4eb0fecfbe908276c62aae0d

  • SSDEEP

    49152:JMDRZ9IBVL+s0ezJGd80SHMsThF35Hj1Bzudu:JMDtIXLr06AdfEThF35Pzuk

Score
10/10
xmrigminerpyinstaller

Malware Config

Targets

    • Target

      c13c0f88d69f72c9bce3f695c5f3614a0b920d516e2c3c70be297c1688fd141b

    • Size

      2.4MB

    • MD5

      8a7b8ad4b528f2eee93ca9b2fac2515d

    • SHA1

      d9f0e15be8a8672b08f99a5ded01ad774ff7d24f

    • SHA256

      c13c0f88d69f72c9bce3f695c5f3614a0b920d516e2c3c70be297c1688fd141b

    • SHA512

      ac0c85423063df63f548a3db62a5bfd8b22d3350e0e58a2f2d17321326e8c3df3d1088ba19a4ce57b2544a7f8f00a0a09f2ae86a4eb0fecfbe908276c62aae0d

    • SSDEEP

      49152:JMDRZ9IBVL+s0ezJGd80SHMsThF35Hj1Bzudu:JMDtIXLr06AdfEThF35Pzuk

    Score
    10/10
    xmrigminerpyinstaller

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks