Resubmissions
03/09/2024, 12:14
240903-pelw7sxeke 1003/09/2024, 12:12
240903-pdb1lswdjq 1003/09/2024, 12:11
240903-pck7wswcrm 1003/09/2024, 08:42
240903-kl4clsscqq 1003/09/2024, 08:41
240903-klrzkstckc 1003/09/2024, 08:41
240903-klkv9sscnn 1003/09/2024, 08:40
240903-klbycstcjd 1003/09/2024, 08:40
240903-kk236atcja 1003/09/2024, 08:40
240903-kktrsatbrg 10Analysis
-
max time kernel
1556s -
max time network
1557s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
03/09/2024, 08:41
General
-
Target
ORIGIN BETA/2Kryptex-ETC-Rigel.bat
-
Size
92B
-
MD5
634f74bb86bbee797fb3fd78bb981c69
-
SHA1
dacc178885db2349ad47b9e8d2fb6140dbb7ca61
-
SHA256
4c42750d70f4097dd4de26367a7ee25704bca438e82476c4e9481246d067b632
-
SHA512
07d76ed885fefa28765cfe3b6c42213fb43c6ec709a82aa7245c8896fe4e79b7d672fcf3043a658ed034e27449e9921f5120a911cb0a0ce8667d819e6d2720ef
Score
10/10
Malware Config
Signatures
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\ORIGIN BETA\2Kryptex-ETC-Rigel.bat"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\ORIGIN BETA\xmrig.exe
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
12.2MB