xmrig | ebacefbee77304def269ced9caf4641552de9cf888e4682e4cc0794f740356f8 | Triage

Submit
Reports

Overview

overview

Static

static

2de6db55e9...18.exe

windows7-x64

2de6db55e9...18.exe

windows10-2004-x64

Sharing

General

Target

2de6db55e9c497b3e2d21e13dd768475_JaffaCakes118
Size

1.9MB
Sample

240510-hqtymagh9w
MD5

2de6db55e9c497b3e2d21e13dd768475
SHA1

692dbfbb94009e56897f70bb428f9a34d55c1896
SHA256

ebacefbee77304def269ced9caf4641552de9cf888e4682e4cc0794f740356f8
SHA512

4eaf68ce0536b0a66f2c085bd6c9e0696eeb06c1fe1e632d74c7b789f67ed4ab4543c901b4806166bbac5759b665c9cb43e1b2f93e897a6e9611852e0251a9d3
SSDEEP

49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHafl:NAB+

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

2de6db55e9c497b3e2d21e13dd768475_JaffaCakes118.exe

Resource

win7-20240220-en

xmrig execution miner upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2de6db55e9c497b3e2d21e13dd768475_JaffaCakes118.exe

Resource

win10v2004-20240426-en

xmrig execution miner upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2de6db55e9c497b3e2d21e13dd768475_JaffaCakes118
- Size
  
  1.9MB
- MD5
  
  2de6db55e9c497b3e2d21e13dd768475
- SHA1
  
  692dbfbb94009e56897f70bb428f9a34d55c1896
- SHA256
  
  ebacefbee77304def269ced9caf4641552de9cf888e4682e4cc0794f740356f8
- SHA512
  
  4eaf68ce0536b0a66f2c085bd6c9e0696eeb06c1fe1e632d74c7b789f67ed4ab4543c901b4806166bbac5759b665c9cb43e1b2f93e897a6e9611852e0251a9d3
- SSDEEP
  
  49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHafl:NAB+
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy