xmrig | 1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c | Triage

Submit
Reports

Overview

overview

Static

static

1f918842f9...4c.exe

windows7-x64

1f918842f9...4c.exe

windows10-2004-x64

Sharing

General

Target

1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c
Size

1.7MB
Sample

240701-x9eelsvgre
MD5

106c82f469b1d41b54f56fc39f639b6a
SHA1

fd8b327e06581b33fb9e015151d2850f10035ae0
SHA256

1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c
SHA512

ef90eaa4bd7f7021da4c5cb056787dea0e2359f762e6099d7e2c0879a6a935e7d8998907c5dd1101e5c221d1409392e9d5a058cc6f2dae01a1a6855bd0c27539
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTnHzlyZA52C3EES:Lz071uv4BPMkFfdk2auTg0lS

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

6 signatures

Behavioral task

behavioral1

Sample

1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c.exe

Resource

win7-20240611-en

xmrig execution miner upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c.exe

Resource

win10v2004-20240508-en

xmrig execution miner upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c
- Size
  
  1.7MB
- MD5
  
  106c82f469b1d41b54f56fc39f639b6a
- SHA1
  
  fd8b327e06581b33fb9e015151d2850f10035ae0
- SHA256
  
  1f918842f93cad82ea0853b4be1925e779f67e42adb042a295c3d31d615c2e4c
- SHA512
  
  ef90eaa4bd7f7021da4c5cb056787dea0e2359f762e6099d7e2c0879a6a935e7d8998907c5dd1101e5c221d1409392e9d5a058cc6f2dae01a1a6855bd0c27539
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTnHzlyZA52C3EES:Lz071uv4BPMkFfdk2auTg0lS
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Detects executables containing URLs to raw contents of a Github gist
- UPX dump on OEP (original entry point)
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2024

Terms | Privacy