Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

vers1.bat

windows11-21h2-x64

10

vers1.bat

windows10-1703-x64

10

vers1.bat

windows10-2004-x64

10

vers1.bat

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    vers1.bat

  • Size

    393B

  • Sample

    240625-tw7mfs1aje

  • MD5

    ece9925dc634f1cc20e3fd7ff7a144bd

  • SHA1

    8816112e72b7b64a668bf7214999d855a7e05bde

  • SHA256

    a84009aa12f35d93284297647c2714df7f5b0a04d2e0732c689740920ea1421f

  • SHA512

    bf80fdf5fa8c00a0ddb773bed073d33b67bf6189b87b803f6fea7071e49dfdeb86cf2142175d9287fbc7bcfd639c42d848e9331f8bc7e68dacaaa33901432243

Score
10/10
xmrigevasionexecutionminer

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/setup_moneroocean_miner.bat

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/xmrig.zip

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/nssm.zip

Targets

    • Target

      vers1.bat

    • Size

      393B

    • MD5

      ece9925dc634f1cc20e3fd7ff7a144bd

    • SHA1

      8816112e72b7b64a668bf7214999d855a7e05bde

    • SHA256

      a84009aa12f35d93284297647c2714df7f5b0a04d2e0732c689740920ea1421f

    • SHA512

      bf80fdf5fa8c00a0ddb773bed073d33b67bf6189b87b803f6fea7071e49dfdeb86cf2142175d9287fbc7bcfd639c42d848e9331f8bc7e68dacaaa33901432243

    Score
    10/10
    xmrigevasionexecutionminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks