xmrig | f7fc9a481fe3f36ea1b9c02a00bd44593da978b8ee271b5d1303deada592347a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

b11ba5254d...0N.exe

windows7-x64

b11ba5254d...0N.exe

windows10-2004-x64

Sharing

General

Target

b11ba5254dac41bc54a7144ed8adfe60N.exe
Size

1.8MB
Sample

240805-t8n1wawbrf
MD5

b11ba5254dac41bc54a7144ed8adfe60
SHA1

5e2e20d03758dd65f129afba8832be61c6c2838f
SHA256

f7fc9a481fe3f36ea1b9c02a00bd44593da978b8ee271b5d1303deada592347a
SHA512

e8b4f79177f37fbf782f4d85492bdc69dd79d20a4be1ad155eadb010f33be18a3e6210362dfb4eb2802ed252a146f8a18f156c59385d7122ec6224f24a2b336d
SSDEEP

24576:zv3/fTLF671TilQFG4P5PMkUCCWvLEvjhnXwx8/2Pbx/mbGR+caMj0vO/qEeGgdq:Lz071uv4BPMkHC0IlnASEx/RkiTWlusa

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

b11ba5254dac41bc54a7144ed8adfe60N.exe

Resource

win7-20240708-en

xmrig execution miner upx

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

b11ba5254dac41bc54a7144ed8adfe60N.exe

Resource

win10v2004-20240802-en

xmrig execution miner upx

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  b11ba5254dac41bc54a7144ed8adfe60N.exe
- Size
  
  1.8MB
- MD5
  
  b11ba5254dac41bc54a7144ed8adfe60
- SHA1
  
  5e2e20d03758dd65f129afba8832be61c6c2838f
- SHA256
  
  f7fc9a481fe3f36ea1b9c02a00bd44593da978b8ee271b5d1303deada592347a
- SHA512
  
  e8b4f79177f37fbf782f4d85492bdc69dd79d20a4be1ad155eadb010f33be18a3e6210362dfb4eb2802ed252a146f8a18f156c59385d7122ec6224f24a2b336d
- SSDEEP
  
  24576:zv3/fTLF671TilQFG4P5PMkUCCWvLEvjhnXwx8/2Pbx/mbGR+caMj0vO/qEeGgdq:Lz071uv4BPMkHC0IlnASEx/RkiTWlusa
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy