xmrig | 03b397717d5f88041c0e26035ad7b3f086ea22db62515c608df9a6a4f3a906af | Triage

Submit
Reports

Overview

overview

Static

static

ddd53d491b...cs.exe

windows7-x64

ddd53d491b...cs.exe

windows10-2004-x64

Sharing

General

Target

ddd53d491b54ae1de2faae04806ef1f0_NeikiAnalytics.exe
Size

1.8MB
Sample

240616-hg817atbqa
MD5

ddd53d491b54ae1de2faae04806ef1f0
SHA1

6144352e00391f9d98e5fc40bdb7ae82a41d7dc1
SHA256

03b397717d5f88041c0e26035ad7b3f086ea22db62515c608df9a6a4f3a906af
SHA512

56781cf0840d9f3a48ab600269f5fa9b6e513b072af06352ea2379f76d15f1941b761f77a5484e98fd1b300c18080dc713b398a8df353f3afb78593a985dfde3
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupQF4g6FReQwUzN6Rf0Zra+JsTZxC:Lz071uv4BPMki8CnfZFOzZuQ

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

ddd53d491b54ae1de2faae04806ef1f0_NeikiAnalytics.exe

Resource

win7-20240220-en

xmrig execution miner upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddd53d491b54ae1de2faae04806ef1f0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

xmrig execution miner upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddd53d491b54ae1de2faae04806ef1f0_NeikiAnalytics.exe
- Size
  
  1.8MB
- MD5
  
  ddd53d491b54ae1de2faae04806ef1f0
- SHA1
  
  6144352e00391f9d98e5fc40bdb7ae82a41d7dc1
- SHA256
  
  03b397717d5f88041c0e26035ad7b3f086ea22db62515c608df9a6a4f3a906af
- SHA512
  
  56781cf0840d9f3a48ab600269f5fa9b6e513b072af06352ea2379f76d15f1941b761f77a5484e98fd1b300c18080dc713b398a8df353f3afb78593a985dfde3
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupQF4g6FReQwUzN6Rf0Zra+JsTZxC:Lz071uv4BPMki8CnfZFOzZuQ
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy