Resubmissions

16-11-2024 18:06    241116-wp4y4aznhy    10
13-11-2024 16:23    241113-tv1shsvhmn    10

General

  • Target: Triage.zip
  • Size: 19.6MB
  • Sample: 241116-wp4y4aznhy
  • MD5: 413bcfed31400918f62416617805606f
  • SHA1: b9366d07b5715f1be51645f3ff5499458ddfaa90
  • SHA256: cedef524b310863d014742266add69204464f9ef7b5daac8b8253160195bc66b
  • SHA512: 3122d976f67c8a89191f92d9413f36f311fad2d68a518bbc9de0f70cee32c6ba7a5a6b7d0a2b3d948471ff2c7de734d8326db24fedd8e80200852809c1d70cda
  • SSDEEP: 393216:gBkS7T+RGQPhXBkS7T+RGQPhkBkS7T+RGQPhZBkS7T+RGQPh2BkS7T+RGQPhh:gBk2ctBk2cKBk2cDBk2cQBk2cf

Score: 10/10

Malware Config

Targets

    • Target: Triage/Test.exe
    • Size: 4.9MB
    • MD5: 8136f991544b48f3f64764ecb8eb7ecb
    • SHA1: 81151ada9288fde410a14254554c124ba553cba1
    • SHA256: bfca67785b156c56f5e04edd97f5dfd4b72664facf1a663dbfb6e2662abf032b
    • SHA512: d6703707503014bc90ed52eccad9f4e96d4eae06895975d6c8d66f77f1d1158043cd15bbfb55e0dabfcda2363d7109c25e7b3aa131a4faf5c784e1945d2530fd
    • SSDEEP: 98304:BDc6nwsaESMplY63OEVf8J9p72FOUPtekqzFLym3Qs5gREwbubaT:B/n03MdR8DB0OU0Fp2CYuba

    Score: 10/10

    • Xmrig family
    • xmrig
      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Suspicious use of SetThreadContext
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Target: Triage/Test2.exe
    • Size: 4.9MB
    • MD5: 8136f991544b48f3f64764ecb8eb7ecb
    • SHA1: 81151ada9288fde410a14254554c124ba553cba1
    • SHA256: bfca67785b156c56f5e04edd97f5dfd4b72664facf1a663dbfb6e2662abf032b
    • SHA512: d6703707503014bc90ed52eccad9f4e96d4eae06895975d6c8d66f77f1d1158043cd15bbfb55e0dabfcda2363d7109c25e7b3aa131a4faf5c784e1945d2530fd
    • SSDEEP: 98304:BDc6nwsaESMplY63OEVf8J9p72FOUPtekqzFLym3Qs5gREwbubaT:B/n03MdR8DB0OU0Fp2CYuba

    Score: 10/10

    • Xmrig family
    • xmrig
      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Suspicious use of SetThreadContext
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Target: Triage/Test3.exe
    • Size: 4.9MB
    • MD5: 8136f991544b48f3f64764ecb8eb7ecb
    • SHA1: 81151ada9288fde410a14254554c124ba553cba1
    • SHA256: bfca67785b156c56f5e04edd97f5dfd4b72664facf1a663dbfb6e2662abf032b
    • SHA512: d6703707503014bc90ed52eccad9f4e96d4eae06895975d6c8d66f77f1d1158043cd15bbfb55e0dabfcda2363d7109c25e7b3aa131a4faf5c784e1945d2530fd
    • SSDEEP: 98304:BDc6nwsaESMplY63OEVf8J9p72FOUPtekqzFLym3Qs5gREwbubaT:B/n03MdR8DB0OU0Fp2CYuba

    Score: 10/10

    • Xmrig family
    • xmrig
      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Suspicious use of SetThreadContext
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Target: Triage/Test4.exe
    • Size: 4.9MB
    • MD5: 8136f991544b48f3f64764ecb8eb7ecb
    • SHA1: 81151ada9288fde410a14254554c124ba553cba1
    • SHA256: bfca67785b156c56f5e04edd97f5dfd4b72664facf1a663dbfb6e2662abf032b
    • SHA512: d6703707503014bc90ed52eccad9f4e96d4eae06895975d6c8d66f77f1d1158043cd15bbfb55e0dabfcda2363d7109c25e7b3aa131a4faf5c784e1945d2530fd
    • SSDEEP: 98304:BDc6nwsaESMplY63OEVf8J9p72FOUPtekqzFLym3Qs5gREwbubaT:B/n03MdR8DB0OU0Fp2CYuba

    Score: 10/10

    • Xmrig family
    • xmrig
      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Suspicious use of SetThreadContext
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Target: Triage/Test5.exe
    • Size: 4.9MB
    • MD5: 8136f991544b48f3f64764ecb8eb7ecb
    • SHA1: 81151ada9288fde410a14254554c124ba553cba1
    • SHA256: bfca67785b156c56f5e04edd97f5dfd4b72664facf1a663dbfb6e2662abf032b
    • SHA512: d6703707503014bc90ed52eccad9f4e96d4eae06895975d6c8d66f77f1d1158043cd15bbfb55e0dabfcda2363d7109c25e7b3aa131a4faf5c784e1945d2530fd
    • SSDEEP: 98304:BDc6nwsaESMplY63OEVf8J9p72FOUPtekqzFLym3Qs5gREwbubaT:B/n03MdR8DB0OU0Fp2CYuba

    Score: 10/10

    • Xmrig family
    • xmrig
      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Suspicious use of SetThreadContext
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified UPX.

MITRE ATT&CK Matrix

Tasks

static1         Score: 3/10
behavioral1     xmrigminerupx    Score: 10/10
behavioral2     xmrigminerupx    Score: 10/10
behavioral3     xmrigminerupx    Score: 10/10
behavioral4     xmrigminerupx    Score: 10/10
behavioral5     xmrigminerupx    Score: 10/10
behavioral6     xmrigminerupx    Score: 10/10
behavioral7     xmrigminerupx    Score: 10/10
behavioral8     xmrigminerupx    Score: 10/10
behavioral9     xmrigminerupx    Score: 10/10
behavioral10    xmrigminerupx    Score: 10/10
behavioral11    xmrigminerupx    Score: 10/10
behavioral12    xmrigminerupx    Score: 10/10
behavioral13    xmrigminerupx    Score: 10/10
behavioral14    xmrigminerupx    Score: 10/10
behavioral15    xmrigminerupx    Score: 10/10
behavioral16    xmrigminerupx    Score: 10/10
behavioral17    xmrigminerupx    Score: 10/10
behavioral18    xmrigminerupx    Score: 10/10
behavioral19    xmrigminerupx    Score: 10/10
behavioral20    xmrigminerupx    Score: 10/10
behavioral21    xmrigminerupx    Score: 10/10
behavioral22    xmrigminerupx    Score: 10/10
behavioral23    xmrigminerupx    Score: 10/10
behavioral24    xmrigminerupx    Score: 10/10
behavioral25    xmrigminerupx    Score: 10/10