xmrig | 82c0497e4126d2e30f965bdb1e8ef74653a1ae61c9a68c0adca74d11d425c0ee

Analysis

max time kernel
94s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2024 06:51

Target

2024-12-22_db78511121c2a55ef0cd2a5bea10bd53_cobalt-strike_cobaltstrike_poet-rat.exe
Size

6.0MB
MD5

db78511121c2a55ef0cd2a5bea10bd53
SHA1

d39b0da5e7061e07f05b0eeb8ead5f0b9ef4c6f1
SHA256

82c0497e4126d2e30f965bdb1e8ef74653a1ae61c9a68c0adca74d11d425c0ee
SHA512

ccabf3d7956c6674dc83f2cd0db165a08276e02e39f637bc8735d3447f1a50203848f5acf4355d6a90aa911e1635b67887f7c3d9f6cbd2bab07ce8c3f4582786
SSDEEP

98304:EniLf9FdfE0pZB156utgpPFotBER/mQ32lUq:eOl56utgpPF8u/7q

Score

10^/10

xmrig miner upx

Xmrig family
xmrig
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/2268-0-0x00007FF666A40000-0x00007FF666D94000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/2268-0-0x00007FF666A40000-0x00007FF666D94000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-12-22_db78511121c2a55ef0cd2a5bea10bd53_cobalt-strike_cobaltstrike_poet-rat.exe
"C:\Users\Admin\AppData\Local\Temp\2024-12-22_db78511121c2a55ef0cd2a5bea10bd53_cobalt-strike_cobaltstrike_poet-rat.exe"
1⤵
PID:2268

memory/2268-0-0x00007FF666A40000-0x00007FF666D94000-memory.dmp

Filesize
3.3MB

Download