xmrig | 377ca9b62cf90c4aa987e91f5dc5556dc3f258a163f1097473060a23da1b2645 | Triage

Submit
Reports

Overview

overview

Static

static

592609a9d3...0N.exe

windows7-x64

592609a9d3...0N.exe

windows10-2004-x64

Sharing

General

Target

592609a9d3932e629a4ebef2d08a1160N.exe
Size

1.9MB
Sample

240803-gcy5razbqa
MD5

592609a9d3932e629a4ebef2d08a1160
SHA1

8604c3275571a0ff3184cb893eb37d7229506b74
SHA256

377ca9b62cf90c4aa987e91f5dc5556dc3f258a163f1097473060a23da1b2645
SHA512

5eac49ba2b2b3c9d053a7bbddc1b5264eba58756f4beec66c208ac55d0154bb73f86c609a5246bee4b8a9fafc6b8afc77c81513f2d3470bb8f2bb9bbba4edf66
SSDEEP

49152:Lz071uv4BPMkibTIA5I4TNrpDGgDQGq9tws:NABz

Score

10^/10

xmrig execution miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

592609a9d3932e629a4ebef2d08a1160N.exe

Resource

win7-20240729-en

xmrig execution miner persistence privilege_escalation upx

windows7-x64

11 signatures

120 seconds

Behavioral task

behavioral2

Sample

592609a9d3932e629a4ebef2d08a1160N.exe

Resource

win10v2004-20240802-en

xmrig execution miner upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  592609a9d3932e629a4ebef2d08a1160N.exe
- Size
  
  1.9MB
- MD5
  
  592609a9d3932e629a4ebef2d08a1160
- SHA1
  
  8604c3275571a0ff3184cb893eb37d7229506b74
- SHA256
  
  377ca9b62cf90c4aa987e91f5dc5556dc3f258a163f1097473060a23da1b2645
- SHA512
  
  5eac49ba2b2b3c9d053a7bbddc1b5264eba58756f4beec66c208ac55d0154bb73f86c609a5246bee4b8a9fafc6b8afc77c81513f2d3470bb8f2bb9bbba4edf66
- SSDEEP
  
  49152:Lz071uv4BPMkibTIA5I4TNrpDGgDQGq9tws:NABz
Score

10^/10

xmrig execution miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerpersistenceprivilege_escalationupx

behavioral2

xmrigexecutionminerupx

© 2018-2024

Terms | Privacy