xmrig | e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

e8eca883e3...9d.exe

windows7-x64

e8eca883e3...9d.exe

windows10-2004-x64

Sharing

General

Target

e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d
Size

1.3MB
Sample

240802-g6kjfs1akj
MD5

5c073dd13f6c4884fb50490a5356e613
SHA1

5a62bed1fc3269701fcbbdc9fb3d57b1a153586f
SHA256

e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d
SHA512

aa066c965510dfb322ec6e4de41e590d01fed62c5712ad69191d999080cad5f5f6a1d592ec3105e887d4afba634add6249abea25b5c73df0c090272d54593076
SSDEEP

24576:JanwhSe11QSONCpGJCjETPlWXWZ5Pbcq92zjP+sjI1XPflj:knw9oUUEEDl37jcq4nPU9

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d.exe

Resource

win7-20240704-en

xmrig miner persistence privilege_escalation upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d.exe

Resource

win10v2004-20240730-en

xmrig miner upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d
- Size
  
  1.3MB
- MD5
  
  5c073dd13f6c4884fb50490a5356e613
- SHA1
  
  5a62bed1fc3269701fcbbdc9fb3d57b1a153586f
- SHA256
  
  e8eca883e31b6fc2e080e8e4825020c42ad0218633a2b6da1afa288a02e3539d
- SHA512
  
  aa066c965510dfb322ec6e4de41e590d01fed62c5712ad69191d999080cad5f5f6a1d592ec3105e887d4afba634add6249abea25b5c73df0c090272d54593076
- SSDEEP
  
  24576:JanwhSe11QSONCpGJCjETPlWXWZ5Pbcq92zjP+sjI1XPflj:knw9oUUEEDl37jcq4nPU9
Score

10^/10

xmrig miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceprivilege_escalationupx

behavioral2

© 2018-2025

Terms | Privacy