xmrig | ac63bb8cfb8b90a6bbdf1ccb42bf4930d2cf4fff088002f80e1fb62debf93ec3 | Triage

Submit
Reports

Overview

overview

Static

static

3d1b47880d...18.exe

windows7-x64

3d1b47880d...18.exe

windows10-2004-x64

Sharing

General

Target

3d1b47880d95a91e8f6aa23b092e35ee_JaffaCakes118
Size

2.9MB
Sample

240513-3za74aag9v
MD5

3d1b47880d95a91e8f6aa23b092e35ee
SHA1

13490fb6f8450179043f7865492a9bf44aeb3a16
SHA256

ac63bb8cfb8b90a6bbdf1ccb42bf4930d2cf4fff088002f80e1fb62debf93ec3
SHA512

3c5b4d01dfcc02bf3cfb6b536cd8006e75e561d93e04446fe65a4cb238d3998deaaf3305e11499fc52619a5df181861a981fdfa8be51571beb38035ec21db55c
SSDEEP

49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vr5s1PTleLWrJ5I/49Mw:NABJ

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

3d1b47880d95a91e8f6aa23b092e35ee_JaffaCakes118.exe

Resource

win7-20240221-en

xmrig execution miner upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d1b47880d95a91e8f6aa23b092e35ee_JaffaCakes118.exe

Resource

win10v2004-20240426-en

xmrig execution miner upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  3d1b47880d95a91e8f6aa23b092e35ee_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  3d1b47880d95a91e8f6aa23b092e35ee
- SHA1
  
  13490fb6f8450179043f7865492a9bf44aeb3a16
- SHA256
  
  ac63bb8cfb8b90a6bbdf1ccb42bf4930d2cf4fff088002f80e1fb62debf93ec3
- SHA512
  
  3c5b4d01dfcc02bf3cfb6b536cd8006e75e561d93e04446fe65a4cb238d3998deaaf3305e11499fc52619a5df181861a981fdfa8be51571beb38035ec21db55c
- SSDEEP
  
  49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vr5s1PTleLWrJ5I/49Mw:NABJ
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy