xmrig | 0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78 | Triage

Submit
Reports

Overview

overview

Static

static

0423b5659a...78.exe

windows7-x64

0423b5659a...78.exe

windows10-2004-x64

Sharing

General

Target

0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78.exe
Size

1.6MB
Sample

241118-pc2vmswla1
MD5

6e8973edb75ebc2a257a752f858661a7
SHA1

4aa5fb5f5211bb1d0598154bc5d447c526f8a435
SHA256

0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78
SHA512

1ee2e74fc76dda6f2bba679069e781466ed62a0a58d4432580997bf678e39e7f1597c718fa0c00bce156fefef55e9c909220414cdf879653cf3dd73552a76e96
SSDEEP

49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHqJ:NABm

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78.exe

Resource

win7-20241010-en

xmrig execution miner upx

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78.exe

Resource

win10v2004-20241007-en

xmrig execution miner upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78.exe
- Size
  
  1.6MB
- MD5
  
  6e8973edb75ebc2a257a752f858661a7
- SHA1
  
  4aa5fb5f5211bb1d0598154bc5d447c526f8a435
- SHA256
  
  0423b5659ad0aff940aef3530d3dc41d9c11eb7565e57348f939d98c04e77e78
- SHA512
  
  1ee2e74fc76dda6f2bba679069e781466ed62a0a58d4432580997bf678e39e7f1597c718fa0c00bce156fefef55e9c909220414cdf879653cf3dd73552a76e96
- SSDEEP
  
  49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHqJ:NABm
Score

10^/10

xmrig execution miner upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Legitimate hosting services abused for malware hosting/C2
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2024

Terms | Privacy