xmrig | c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7 | Triage

Submit
Reports

Overview

overview

Static

static

c968a1a66f...b7.exe

windows7-x64

c968a1a66f...b7.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7
Size

2.0MB
Sample

240817-frhkwa1hkj
MD5

15a83b6cf3029e8c9bd421e8b48ccc9a
SHA1

381919181d0ceccb1410f3a00f83a136de35e342
SHA256

c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7
SHA512

7185316660b5dc6964ea0dec87a639d0aab271fb63919f23109fdb95eb6eeab5c79ff0d7fed0554ae32ea6b4ee5375a7b17760bdfef7fe17bac5f2b331596486
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wISK9NcHFqMl:BemTLkNdfE0pZrs

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7.exe

Resource

win7-20240708-en

xmrig miner persistence privilege_escalation upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7.exe

Resource

win10v2004-20240802-en

xmrig miner persistence privilege_escalation upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7
- Size
  
  2.0MB
- MD5
  
  15a83b6cf3029e8c9bd421e8b48ccc9a
- SHA1
  
  381919181d0ceccb1410f3a00f83a136de35e342
- SHA256
  
  c968a1a66fad8c0d7aa0037ed65055955d17d428453c55c3fe668a62508ea3b7
- SHA512
  
  7185316660b5dc6964ea0dec87a639d0aab271fb63919f23109fdb95eb6eeab5c79ff0d7fed0554ae32ea6b4ee5375a7b17760bdfef7fe17bac5f2b331596486
- SSDEEP
  
  49152:BezaTF8FcNkNdfE0pZ9ozt4wISK9NcHFqMl:BemTLkNdfE0pZrs
Score

10^/10

xmrig miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceprivilege_escalationupx

behavioral2

xmrigminerpersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy