xmrig | 9e6fe2218c1806012b50cadd345cc17ea48f464142bc034df5daef4a1579900a

Analysis

max time kernel
135s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
13-09-2024 13:36

Target

2024-09-13_da3f38a749e0d90c8f8b41ed40baf081_cobalt-strike_cobaltstrike_poet-rat.exe
Size

6.0MB
MD5

da3f38a749e0d90c8f8b41ed40baf081
SHA1

bc7d4a49f6a6c24c82d131be6d8dfcb1e4f9616d
SHA256

9e6fe2218c1806012b50cadd345cc17ea48f464142bc034df5daef4a1579900a
SHA512

d15f12eb30a9e0536b73a2b5c3e45151c5381a4762b1e1116056cfa1558f1cbd16f3240b97397ee45a11aa522b3acdb7e41788c9eb0faf794d578d53f2ab4dac
SSDEEP

98304:EniLf9FdfE0pZB156utgpPFotBER/mQ32lU4:eOl56utgpPF8u/74

Score

10^/10

xmrig miner upx

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/2528-0-0x00007FF749350000-0x00007FF7496A4000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/2528-0-0x00007FF749350000-0x00007FF7496A4000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-09-13_da3f38a749e0d90c8f8b41ed40baf081_cobalt-strike_cobaltstrike_poet-rat.exe
"C:\Users\Admin\AppData\Local\Temp\2024-09-13_da3f38a749e0d90c8f8b41ed40baf081_cobalt-strike_cobaltstrike_poet-rat.exe"
1⤵
PID:2528

memory/2528-0-0x00007FF749350000-0x00007FF7496A4000-memory.dmp

Filesize
3.3MB

Download