xmrig | aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafdd | Triage

Submit
Reports

Overview

overview

Static

static

aa04bd9d17...dN.exe

windows7-x64

aa04bd9d17...dN.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafddN
Size

1.4MB
Sample

240927-kkww5stfqp
MD5

0481c60ab85f60843f6aebf693239260
SHA1

b2200d7ba550d3b285d772d8d39d4dce0c7d2fd7
SHA256

aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafdd
SHA512

7a21f7b92148945ae915fdf8d9f58e7af554f35c6fe560f8ffc4e6023d225c0d88ba0341478b4100874485ef9e7b9f1d30eaa97fb847ace50cc4213531b0ae0b
SSDEEP

24576:JanwhSe11QSONCpGJCjETPlWXWZ5PbcmC3f/DFNkTQbOF+sabpbb4w3RD:knw9oUUEEDl37jcmWH/xbnbx99

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafddN.exe

Resource

win7-20240903-en

xmrig miner persistence privilege_escalation upx

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafddN.exe

Resource

win10v2004-20240802-en

xmrig miner persistence privilege_escalation upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafddN
- Size
  
  1.4MB
- MD5
  
  0481c60ab85f60843f6aebf693239260
- SHA1
  
  b2200d7ba550d3b285d772d8d39d4dce0c7d2fd7
- SHA256
  
  aa04bd9d1725bfed35c46f754056e7032a86e48cfbff3914040a9ba4510fafdd
- SHA512
  
  7a21f7b92148945ae915fdf8d9f58e7af554f35c6fe560f8ffc4e6023d225c0d88ba0341478b4100874485ef9e7b9f1d30eaa97fb847ace50cc4213531b0ae0b
- SSDEEP
  
  24576:JanwhSe11QSONCpGJCjETPlWXWZ5PbcmC3f/DFNkTQbOF+sabpbb4w3RD:knw9oUUEEDl37jcmWH/xbnbx99
Score

10^/10

xmrig miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceprivilege_escalationupx

behavioral2

xmrigminerpersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy