xmrig | 291b8f4b2b3a3fcad7506bbf1e2231709dc557d8e3289e9d6f66cec8cce940d2 | Triage

Submit
Reports

Overview

overview

Static

static

3

Cheat1.exe

windows7-x64

Cheat1.exe

windows10-1703-x64

CheatMoney.exe

windows7-x64

CheatMoney.exe

windows10-1703-x64

Sharing

General

Target

donut.zip
Size

4.3MB
Sample

240523-am7rbaee5v
MD5

49c83a3e138d5dd2001e1ccbbbfc8d04
SHA1

c18f8f2b6838a0f790053af16b6d870761e59465
SHA256

291b8f4b2b3a3fcad7506bbf1e2231709dc557d8e3289e9d6f66cec8cce940d2
SHA512

8cfb4f6a0313740a376baad1ca711cb04483b2973a1b14707825d0440b1e9f6d7e88dca1aebecbc272480e0d81ed53d5ee2c8a2f5348b6a1e33db5add29e00b6
SSDEEP

98304:Oxc7J3Txibi+ubQ9kpB9pOJSssDjYXr0+kgIpG9g/OAMk3d:6c7J3Txl+ubUk3TOJBqYX/kgS77

Score

10^/10

xmrig miner

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Cheat1.exe

Resource

win7-20240221-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

Cheat1.exe

Resource

win10-20240404-en

windows10-1703-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

CheatMoney.exe

Resource

win7-20240221-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral4

Sample

CheatMoney.exe

Resource

win10-20240404-en

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Cheat1.exe
- Size
  
  2.1MB
- MD5
  
  7ced67a2b06d542de8884bd8ef3388c8
- SHA1
  
  c2892cb614be03ec39988f9eb1ee5a60dfa74fe4
- SHA256
  
  19b5505a570061e49819101533505d29bc37d74588b4fec9334e836ea5199ea8
- SHA512
  
  0303874a789e678861d0b3501b07ac67ad5d0fc69c6607093e59775d142d17e9171a8b66ae88b6a45bed5b0f4373d6897a6b631e8f3f04bc9cb64daebe0e7b40
- SSDEEP
  
  49152:Uw3FhtA331AcHguh9JBiXIgl8HBsuvQDei7KbT5+i:D3Ff41/FhBiHesuvQL8X
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  CheatMoney.exe
- Size
  
  2.1MB
- MD5
  
  9508a0c17382c6ea967e0da17e23b0a2
- SHA1
  
  a696428ad01878d33051805e438a53c1bf10dd29
- SHA256
  
  82f9d14f7701edcad6ded45a0abd00e7bd13de1eaca985c2eb42caa108e25781
- SHA512
  
  f338d52012b1ff171e7d59cdefea8bd26958e9f8a3cf96abe51b43333119acf6371ad0fd7de321dd67f5a31130c9fa1ed7b68a98bec4b6ccb269b75966b69aa6
- SSDEEP
  
  49152:6BkKmtC0IBHKvlvLKefgiz0bQng5P4G4kdb:6BFmtC0IBHUZLKeYiIbQng5AG4kx
Score

10^/10

xmrig miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy