xmrig | 24f5106c63f003209fbf6f1ece7582e7c7e3abf0a1f428b3eab0ff1de5cb31a8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

55c40b0370...0N.exe

windows7-x64

55c40b0370...0N.exe

windows10-2004-x64

Sharing

General

Target

55c40b0370e15c4871a36ba3b55d8b30N.exe
Size

1.5MB
Sample

240803-f2k4ravbln
MD5

55c40b0370e15c4871a36ba3b55d8b30
SHA1

96f7fed6b756af01c6fac0e5a2afa9ec7bf168d5
SHA256

24f5106c63f003209fbf6f1ece7582e7c7e3abf0a1f428b3eab0ff1de5cb31a8
SHA512

3e9c1881cb148ed100f45f3564be2d3dbf4262c883f018720c659c975ef69db225074bc201e50086d831524020280ff7dd239d7079217a99927b781ddace9f71
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWYyq5shef1YdWOFHNSxN:Lz071uv4BPMkibTIA5yXLNSL

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

55c40b0370e15c4871a36ba3b55d8b30N.exe

Resource

win7-20240704-en

xmrig execution miner upx

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

55c40b0370e15c4871a36ba3b55d8b30N.exe

Resource

win10v2004-20240802-en

xmrig execution miner upx

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  55c40b0370e15c4871a36ba3b55d8b30N.exe
- Size
  
  1.5MB
- MD5
  
  55c40b0370e15c4871a36ba3b55d8b30
- SHA1
  
  96f7fed6b756af01c6fac0e5a2afa9ec7bf168d5
- SHA256
  
  24f5106c63f003209fbf6f1ece7582e7c7e3abf0a1f428b3eab0ff1de5cb31a8
- SHA512
  
  3e9c1881cb148ed100f45f3564be2d3dbf4262c883f018720c659c975ef69db225074bc201e50086d831524020280ff7dd239d7079217a99927b781ddace9f71
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWYyq5shef1YdWOFHNSxN:Lz071uv4BPMkibTIA5yXLNSL
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy