xmrig | 13f46653f0a8c346f9f814a3f382870883cb65003465239c0a5e4004493ba2d8 | Triage

Submit
Reports

Overview

overview

Static

static

10ad2f242f...cs.exe

windows7-x64

10ad2f242f...cs.exe

windows10-2004-x64

Sharing

General

Target

10ad2f242f41aab4107385f962b993c0_NeikiAnalytics
Size

3.2MB
Sample

240512-p57xcsaf78
MD5

10ad2f242f41aab4107385f962b993c0
SHA1

055f74b06f53962aebcece6a552918fa320d5a81
SHA256

13f46653f0a8c346f9f814a3f382870883cb65003465239c0a5e4004493ba2d8
SHA512

6dca5c464de4b23f7cd62829f4a95b861b0f46f7aac3786963eceb8fe901230faa28134705ff8cee87e460bc4559f38f53c8a82e5e091ef8575b1ec619e4acd2
SSDEEP

98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWW:SbBeSFkK

Score

10^/10

xmrig execution miner upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

10ad2f242f41aab4107385f962b993c0_NeikiAnalytics.exe

Resource

win7-20231129-en

xmrig execution miner upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

10ad2f242f41aab4107385f962b993c0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

xmrig execution miner upx

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  10ad2f242f41aab4107385f962b993c0_NeikiAnalytics
- Size
  
  3.2MB
- MD5
  
  10ad2f242f41aab4107385f962b993c0
- SHA1
  
  055f74b06f53962aebcece6a552918fa320d5a81
- SHA256
  
  13f46653f0a8c346f9f814a3f382870883cb65003465239c0a5e4004493ba2d8
- SHA512
  
  6dca5c464de4b23f7cd62829f4a95b861b0f46f7aac3786963eceb8fe901230faa28134705ff8cee87e460bc4559f38f53c8a82e5e091ef8575b1ec619e4acd2
- SSDEEP
  
  98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWW:SbBeSFkK
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy