xmrig | cfadb57231db888cebbcbcbb19b3ccfb9dc2272dc19b15ae229d200c2aeb07af | Triage

Submit
Reports

Overview

overview

Static

static

7a6fc1cdbf...0N.exe

windows7-x64

7a6fc1cdbf...0N.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

7a6fc1cdbf370f9d71f1e098f8cbafc0N.exe
Size

1.6MB
Sample

240716-gk582a1alf
MD5

7a6fc1cdbf370f9d71f1e098f8cbafc0
SHA1

f3c142d7fe60b5d3779c2c53ee83059c2444624b
SHA256

cfadb57231db888cebbcbcbb19b3ccfb9dc2272dc19b15ae229d200c2aeb07af
SHA512

897f1dcf05d574e21371c050d7965209068c43d5da3322d1e369fcd9055c3724dea1566682de65174c4c1513a2cb240a2081a5f9a84864cda98431398ce932d3
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkFfkeMlNIZbElhzBXeCnfJCwCvH3z8RMfJF5W:Lz071uv4BPMkFfdgIZohteLPD8N

Score

10^/10

xmrig execution miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

7a6fc1cdbf370f9d71f1e098f8cbafc0N.exe

Resource

win7-20240708-en

xmrig execution miner persistence privilege_escalation upx

windows7-x64

11 signatures

120 seconds

Behavioral task

behavioral2

Sample

7a6fc1cdbf370f9d71f1e098f8cbafc0N.exe

Resource

win10v2004-20240709-en

xmrig execution miner upx

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  7a6fc1cdbf370f9d71f1e098f8cbafc0N.exe
- Size
  
  1.6MB
- MD5
  
  7a6fc1cdbf370f9d71f1e098f8cbafc0
- SHA1
  
  f3c142d7fe60b5d3779c2c53ee83059c2444624b
- SHA256
  
  cfadb57231db888cebbcbcbb19b3ccfb9dc2272dc19b15ae229d200c2aeb07af
- SHA512
  
  897f1dcf05d574e21371c050d7965209068c43d5da3322d1e369fcd9055c3724dea1566682de65174c4c1513a2cb240a2081a5f9a84864cda98431398ce932d3
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkFfkeMlNIZbElhzBXeCnfJCwCvH3z8RMfJF5W:Lz071uv4BPMkFfdgIZohteLPD8N
Score

10^/10

xmrig execution miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerpersistenceprivilege_escalationupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy