xmrig | 3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e
Size

2.5MB
Sample

240617-ag12ksvelf
MD5

fbfbe4ee13baecac3e7d16bec24cf079
SHA1

360caf2bb458bee7e65c316099a868b929839d25
SHA256

3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e
SHA512

8f5d849e739430cdc560f9dbda5f2f72a07ed0493054298b0d195cf50c972e9a24effdb71cadeea6ced14663fc1268f4a0f45234f37aac334638ffcd8057b28a
SSDEEP

49152:0GXNqt3/rQCbVuI1SjuNVASD++6ozKQ/hD5xkmIW3vFqbrBeL9SSKl:0Gm3/rQCbVuIioc9ihD5KmjteALgl

Score

10^/10

xmrig evasion execution miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e.exe

Resource

win10v2004-20240611-en

xmrig evasion execution miner persistence upx

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e.exe

Resource

win11-20240611-en

xmrig evasion execution miner persistence upx

windows11-21h2-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e
- Size
  
  2.5MB
- MD5
  
  fbfbe4ee13baecac3e7d16bec24cf079
- SHA1
  
  360caf2bb458bee7e65c316099a868b929839d25
- SHA256
  
  3d65e5f78fa228a79d279fd903b45e584effe6b680d3a3adcb582985de62d01e
- SHA512
  
  8f5d849e739430cdc560f9dbda5f2f72a07ed0493054298b0d195cf50c972e9a24effdb71cadeea6ced14663fc1268f4a0f45234f37aac334638ffcd8057b28a
- SSDEEP
  
  49152:0GXNqt3/rQCbVuI1SjuNVASD++6ozKQ/hD5xkmIW3vFqbrBeL9SSKl:0Gm3/rQCbVuIioc9ihD5KmjteALgl
Score

10^/10

xmrig evasion execution miner persistence upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Creates new service(s)
  persistence execution
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xmrigevasionexecutionminerpersistenceupx

behavioral2

xmrigevasionexecutionminerpersistenceupx

© 2018-2024

Terms | Privacy