xmrig | ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad | Triage

Submit
Reports

Overview

overview

Static

static

ee9b45cc7a...ad.exe

windows7-x64

ee9b45cc7a...ad.exe

windows10-2004-x64

Sharing

General

Target

ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad
Size

1.1MB
Sample

240727-gaaz5ssgjb
MD5

0aad79cc793596de7693580d94d4f1ef
SHA1

a62f7d1484887219d87fb0b379f59ba783f13b8b
SHA256

ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad
SHA512

65792c62a005d517437c06fc76a5bb7ab3eca7fbd30e9f837a1c75f04969bc00ee761c6c2c2c555dacefd96c9f518faffcb52dc62a9badf25c93d160ff59199c
SSDEEP

24576:JanwhSe11QSONCpGJCjETPlGC78XCejIODoselrIpjwjURY0:knw9oUUEEDlGUrMAGpPT

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad.exe

Resource

win7-20240705-en

xmrig miner upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad.exe

Resource

win10v2004-20240709-en

xmrig miner persistence privilege_escalation upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad
- Size
  
  1.1MB
- MD5
  
  0aad79cc793596de7693580d94d4f1ef
- SHA1
  
  a62f7d1484887219d87fb0b379f59ba783f13b8b
- SHA256
  
  ee9b45cc7a9b48c039294b83dba670ca1d4356bcb65ace86a61a877676dad0ad
- SHA512
  
  65792c62a005d517437c06fc76a5bb7ab3eca7fbd30e9f837a1c75f04969bc00ee761c6c2c2c555dacefd96c9f518faffcb52dc62a9badf25c93d160ff59199c
- SSDEEP
  
  24576:JanwhSe11QSONCpGJCjETPlGC78XCejIODoselrIpjwjURY0:knw9oUUEEDlGUrMAGpPT
Score

10^/10

xmrig miner upx persistence privilege_escalation
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistenceprivilege_escalationupx

© 2018-2024

Terms | Privacy