xmrig | 8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704 | Triage

Submit
Reports

Overview

overview

Static

static

3

8f861c2089...04.exe

windows7-x64

8f861c2089...04.exe

windows10-2004-x64

Sharing

General

Target

8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704.exe
Size

4.9MB
Sample

241219-dxq34avqds
MD5

3d375d10b594f69c51b80948ec0e4c03
SHA1

439779b78363df27d5874efb256aa5e415e0b8b3
SHA256

8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704
SHA512

635d39a32aa3c01cf2d7c5910639da9dbc7f661daba92d0b6c6d543123aa84bfac86dc7c72d6f88ace93d4d2b520e5020094d11f8d78c6859ea68265e8dad560
SSDEEP

98304:VlPQoHOVR78LR77DWaPL+RbDQuAv9QyhT/UxEdmrm:VGoHWB6Uaz+RfQBlhL8Edf

Score

10^/10

xmrig miner persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704.exe

Resource

win7-20241023-en

xmrig miner persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704.exe

Resource

win10v2004-20241007-en

xmrig miner persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704.exe
- Size
  
  4.9MB
- MD5
  
  3d375d10b594f69c51b80948ec0e4c03
- SHA1
  
  439779b78363df27d5874efb256aa5e415e0b8b3
- SHA256
  
  8f861c2089520549eb6c1eb3cba713a8316ffe9f3573199e27cb48bd5e1ca704
- SHA512
  
  635d39a32aa3c01cf2d7c5910639da9dbc7f661daba92d0b6c6d543123aa84bfac86dc7c72d6f88ace93d4d2b520e5020094d11f8d78c6859ea68265e8dad560
- SSDEEP
  
  98304:VlPQoHOVR78LR77DWaPL+RbDQuAv9QyhT/UxEdmrm:VGoHWB6Uaz+RfQBlhL8Edf
Score

10^/10

xmrig miner persistence upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Power Settings
  powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
  persistence
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Power Settings

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceupx

behavioral2

xmrigminerpersistenceupx

© 2018-2025

Terms | Privacy