xmrig | 22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64 | Triage

Submit
Reports

Overview

overview

Static

static

22dc8c368a...cs.exe

windows7-x64

22dc8c368a...cs.exe

windows10-2004-x64

Sharing

General

Target

22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64_NeikiAnalytics.exe
Size

1.6MB
Sample

240625-3cx4cazelh
MD5

ffbd8a82541314dbe18ffd8bdfd1db90
SHA1

dc5c576c2bcc8cfe31345bd19db70be9c2395df3
SHA256

22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64
SHA512

108370c16c9d13e218a43da485f0fe962729382e111580b8592e062abbfd05cbe77d8c496b548604690e97a30794b270cb21e99247104bb72066b57679fc8f4d
SSDEEP

24576:JanwhSe11QSONCpGJCjETPlWXWZ5PbcquVoVbvVkNgoZ1ssoPi75BYMZVBwnBD:knw9oUUEEDl37jcquVoVJjDNOh9wnB

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64_NeikiAnalytics.exe

Resource

win7-20240221-en

xmrig miner upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64_NeikiAnalytics.exe

Resource

win10v2004-20240611-en

xmrig miner persistence privilege_escalation upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64_NeikiAnalytics.exe
- Size
  
  1.6MB
- MD5
  
  ffbd8a82541314dbe18ffd8bdfd1db90
- SHA1
  
  dc5c576c2bcc8cfe31345bd19db70be9c2395df3
- SHA256
  
  22dc8c368a7bd11f8cddb13406be6723c2e3417bb46b60763b13cf9b28270f64
- SHA512
  
  108370c16c9d13e218a43da485f0fe962729382e111580b8592e062abbfd05cbe77d8c496b548604690e97a30794b270cb21e99247104bb72066b57679fc8f4d
- SSDEEP
  
  24576:JanwhSe11QSONCpGJCjETPlWXWZ5PbcquVoVbvVkNgoZ1ssoPi75BYMZVBwnBD:knw9oUUEEDl37jcquVoVJjDNOh9wnB
Score

10^/10

xmrig miner upx persistence privilege_escalation
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistenceprivilege_escalationupx

© 2018-2024

Terms | Privacy