xmrig | 4e604959c9c5a3d3aedc49c7900a1bf20ff2906a9bb4516c48d23a4e7f0143d8

Analysis

max time kernel
93s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
15-09-2024 09:47

Target

2024-09-15_10d044933ee076ff8eda0768fe39fdf9_cobalt-strike_cobaltstrike_poet-rat.exe
Size

6.1MB
MD5

10d044933ee076ff8eda0768fe39fdf9
SHA1

bccefeb9c28102a15d205507c9abf3c6fbefaf31
SHA256

4e604959c9c5a3d3aedc49c7900a1bf20ff2906a9bb4516c48d23a4e7f0143d8
SHA512

7f99d66808b9d7543ca50c2fa475e98137f585b036bd5ff52b543be64899ac8799424121fd94679974c4cee76a2e6f328ba2a2c3e691d6e856a3c5b1b9cf066d
SSDEEP

98304:EniLf9FdfE0pZB156utgpPFotBER/mQ32lUU:eOl56utgpPF8u/7U

Score

10^/10

xmrig miner upx

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/1644-0-0x00007FF6EC050000-0x00007FF6EC3A4000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1644-0-0x00007FF6EC050000-0x00007FF6EC3A4000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-09-15_10d044933ee076ff8eda0768fe39fdf9_cobalt-strike_cobaltstrike_poet-rat.exe
"C:\Users\Admin\AppData\Local\Temp\2024-09-15_10d044933ee076ff8eda0768fe39fdf9_cobalt-strike_cobaltstrike_poet-rat.exe"
1⤵
PID:1644

memory/1644-0-0x00007FF6EC050000-0x00007FF6EC3A4000-memory.dmp

Filesize
3.3MB

Download