xmrig | 186a73506a0107663515b4f48e07cad159cb54c03f6e08a164e5c8b2c83ad59d | Triage

Submit
Reports

Overview

overview

Static

static

3

Credit Car...ed.exe

windows7-x64

Credit Car...ed.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_186a73506a0107663515b4f48e07cad159cb54c03f6e08a164e5c8b2c83ad59d
Size

30.7MB
Sample

241222-dwtgts1rfj
MD5

f6d057014a23825e071312d3068035a7
SHA1

1807ac5e91c0ae489bab4212bbfa1678946d50f3
SHA256

186a73506a0107663515b4f48e07cad159cb54c03f6e08a164e5c8b2c83ad59d
SHA512

0b871086efba834eeb8c871bcac5a82d53706db31dafb6afc092cff4cdd681fbd2569bb96d9bb7a3a7435c081b1ba3ac38f4cf9573470dc240e36f6117f71ff1
SSDEEP

786432:lHfWOrvW6U0LeYKFVIyHpr4UFcyzW4lRPo25i7vVLrty+usHLdbY:ZTvW6U0LeYaV3r4UFJ7l2250VHodsHLu

Score

10^/10

xmrig defense_evasion miner

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Credit Card Leacher Updated.exe

Resource

win7-20241010-en

xmrig defense_evasion miner

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Credit Card Leacher Updated.exe

Resource

win10v2004-20241007-en

xmrig defense_evasion miner

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  Credit Card Leacher Updated.exe
- Size
  
  39.6MB
- MD5
  
  1a66e85ed92c4b32a2bd9f05c618f09a
- SHA1
  
  9cae80b15315271cce4e941f2e05cd7147963e21
- SHA256
  
  747bdbf0fba77bf78a49dda85bfa1d595fb12468b6b8b8e89aa7dcc5fb610acd
- SHA512
  
  cf6a2a8eab861572345033f1955f55c8d2ab4a477d67d1343006564434693e112f362a4c59d45524825dd6fd429fcac17132b6a964e8519bcc1d6513d09a0e95
- SSDEEP
  
  49152:N7aJSKwMWHXN8K5vWXHbQbW0Bzip3iLXL47MUvu6w0BoiO9ix2NfjIfJvndZ1QUF:
Score

10^/10

xmrig defense_evasion miner
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigdefense_evasionminer

behavioral2

xmrigdefense_evasionminer

© 2018-2025

Terms | Privacy