xmrig | b338a53267bc7ab13d18cb196263b8933c5ad746b9a586fe12dab7539ff44da5 | Triage

Sharing

General

Target

2024-08-26_30f96a6ce1b7ae296fc12d66f2d7fdfd_poet-rat_snatch
Size

6.9MB
Sample

240826-f5gkqsxekh
MD5

30f96a6ce1b7ae296fc12d66f2d7fdfd
SHA1

ffd025f41a3a1270e6bb335f1e71d32674d016a2
SHA256

b338a53267bc7ab13d18cb196263b8933c5ad746b9a586fe12dab7539ff44da5
SHA512

f78456dfc34c163cf07beebcea50e4350c317941c4f7cf9455986b99c12f1687c5f5b2683d90b50fd48b40ca07c1a4d466775f3b81a1bec330661f8540429b62
SSDEEP

98304:g3ZVZLzmZITNeMNEav5L32dtF8IARnGj36HrLb54waSDr:gpLaZGNebaEdT0RGjK3b546Dr

Score

10^/10

xmrig miner

Malware Config

Targets

- Target
  
  2024-08-26_30f96a6ce1b7ae296fc12d66f2d7fdfd_poet-rat_snatch
- Size
  
  6.9MB
- MD5
  
  30f96a6ce1b7ae296fc12d66f2d7fdfd
- SHA1
  
  ffd025f41a3a1270e6bb335f1e71d32674d016a2
- SHA256
  
  b338a53267bc7ab13d18cb196263b8933c5ad746b9a586fe12dab7539ff44da5
- SHA512
  
  f78456dfc34c163cf07beebcea50e4350c317941c4f7cf9455986b99c12f1687c5f5b2683d90b50fd48b40ca07c1a4d466775f3b81a1bec330661f8540429b62
- SSDEEP
  
  98304:g3ZVZLzmZITNeMNEav5L32dtF8IARnGj36HrLb54waSDr:gpLaZGNebaEdT0RGjK3b546Dr
Score

10^/10

xmrig miner
- XMRig Miner payload
  miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2