xmrig | fb124a04139f59af310e5c4870b03bd7f0f9037abf4d13b43b2a2cfdc0c237e0 | Triage

Submit
Reports

Overview

overview

Static

static

2f781c6790...cs.exe

windows7-x64

2f781c6790...cs.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2f781c679018bc94f4c37630c6e71770_NeikiAnalytics
Size

1.6MB
Sample

240515-zeywwaag8y
MD5

2f781c679018bc94f4c37630c6e71770
SHA1

01508d76c3416e7e1324bf4498bb5d7db7c8af26
SHA256

fb124a04139f59af310e5c4870b03bd7f0f9037abf4d13b43b2a2cfdc0c237e0
SHA512

b6a83776895f3a4b2d886361b01fe9ce1d75ed43b1114b2158522a76554845c11b8f97819b30fea84b34b664eb8e77951d729544c4baf2b3fe3cd80a5d347375
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkUCCWvLEvj7NaVNqd9OeSZXCdzvd4/iooIXsL8ysOa:Lz071uv4BPMkHC0IaSEzQR4iRL7BqBD

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

2f781c679018bc94f4c37630c6e71770_NeikiAnalytics.exe

Resource

win7-20240221-en

xmrig execution miner upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2f781c679018bc94f4c37630c6e71770_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

xmrig execution miner upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f781c679018bc94f4c37630c6e71770_NeikiAnalytics
- Size
  
  1.6MB
- MD5
  
  2f781c679018bc94f4c37630c6e71770
- SHA1
  
  01508d76c3416e7e1324bf4498bb5d7db7c8af26
- SHA256
  
  fb124a04139f59af310e5c4870b03bd7f0f9037abf4d13b43b2a2cfdc0c237e0
- SHA512
  
  b6a83776895f3a4b2d886361b01fe9ce1d75ed43b1114b2158522a76554845c11b8f97819b30fea84b34b664eb8e77951d729544c4baf2b3fe3cd80a5d347375
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkUCCWvLEvj7NaVNqd9OeSZXCdzvd4/iooIXsL8ysOa:Lz071uv4BPMkHC0IaSEzQR4iRL7BqBD
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy