xmrig | f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51 | Triage

Submit
Reports

Overview

overview

Static

static

f7034550a8...51.exe

windows7-x64

f7034550a8...51.exe

windows10-2004-x64

Sharing

General

Target

f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51
Size

1.9MB
Sample

240704-gee5naxbqr
MD5

48418102c5bad492387414c2a2db8524
SHA1

6b10b4899463a5624573ad39988b75c5119e455d
SHA256

f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51
SHA512

e2a4783d5a67a94d5f0dbdb48402bc48c8b5c9e7baf0a1711d665e605c282ede48ac267e4a42e3acb9d46d454a7599db03cddb7ba7820ac9c5c9ee7c6161c3b1
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNI/TQ9f27dvapbkUmyJeBqFT:Lz071uv4BPMkFfdk2a2yKmkUDeGPP

Score

10^/10

xmrig execution miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51.exe

Resource

win7-20240221-en

xmrig execution miner persistence privilege_escalation upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51.exe

Resource

win10v2004-20240611-en

xmrig execution miner upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51
- Size
  
  1.9MB
- MD5
  
  48418102c5bad492387414c2a2db8524
- SHA1
  
  6b10b4899463a5624573ad39988b75c5119e455d
- SHA256
  
  f7034550a84e35bd3555952380eda294f80c38aa2b07d442b1069c101936cf51
- SHA512
  
  e2a4783d5a67a94d5f0dbdb48402bc48c8b5c9e7baf0a1711d665e605c282ede48ac267e4a42e3acb9d46d454a7599db03cddb7ba7820ac9c5c9ee7c6161c3b1
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNI/TQ9f27dvapbkUmyJeBqFT:Lz071uv4BPMkFfdk2a2yKmkUDeGPP
Score

10^/10

xmrig execution miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerpersistenceprivilege_escalationupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy