xmrig | 07f8a9d9c0792e46ab027a761251ec72a4eeb6597667c1d86a135a546e0663d4

Analysis

max time kernel
94s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
15/09/2024, 09:43

Target

2024-09-15_fb71b6f9c5d0176e0e124fe38934e000_cobalt-strike_cobaltstrike_poet-rat.exe
Size

5.9MB
MD5

fb71b6f9c5d0176e0e124fe38934e000
SHA1

ee63ef5fa4981e5521fa757ce10e67e0727c412c
SHA256

07f8a9d9c0792e46ab027a761251ec72a4eeb6597667c1d86a135a546e0663d4
SHA512

dea85fd9c0d3dd4057e51188321661d49b61efe2e5d860e41796c6919119d7ede0355ccd8fe5b4db62a35e853df2829233f3d37e89e019bd53ae5ae9857dfe04
SSDEEP

98304:demTLkNdfE0pZ3u56utgpPFotBER/mQ32lUB:E+b56utgpPF8u/7B

Score

10^/10

xmrig miner upx

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/4644-0-0x00007FF7BE2E0000-0x00007FF7BE634000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4644-0-0x00007FF7BE2E0000-0x00007FF7BE634000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-09-15_fb71b6f9c5d0176e0e124fe38934e000_cobalt-strike_cobaltstrike_poet-rat.exe
"C:\Users\Admin\AppData\Local\Temp\2024-09-15_fb71b6f9c5d0176e0e124fe38934e000_cobalt-strike_cobaltstrike_poet-rat.exe"
1⤵
PID:4644

memory/4644-0-0x00007FF7BE2E0000-0x00007FF7BE634000-memory.dmp

Filesize
3.3MB

Download