xmrig | f5ce46e1e3cdf8b10dc0a3111fa6bc33f10c57a6513b9b3de083ded4dac19395 | Triage

Submit
Reports

Overview

overview

Static

static

3

8dd1e17add...25.exe

windows7-x64

8dd1e17add...25.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_f5ce46e1e3cdf8b10dc0a3111fa6bc33f10c57a6513b9b3de083ded4dac19395
Size

858KB
Sample

241222-x89t5awqaw
MD5

adf92367fd469b51fd592b9b728a1b81
SHA1

495497541fa36d0f97c5b93a879580098d812142
SHA256

f5ce46e1e3cdf8b10dc0a3111fa6bc33f10c57a6513b9b3de083ded4dac19395
SHA512

4371251fea737d5a161e46e96a79a9bfbd2ff321d9e011812af5f9f346d652c9366de88eeb5db53ef6ec4db1dd5f6c9023980f57fa3e76ae6207d0b4a0d17cf6
SSDEEP

12288:rk27aRdLqGUCoNHUtY1ISH9xrMyMt97cP4I8E94h3t6KHehUyDzsRODNiDwdq:rkyaRIXCl21ldCy8ql8EbKCJvNNiDwk

Score

10^/10

xmrig discovery miner upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8dd1e17add364bc1620cae1b935df162a39ef5f6a5232932cf5b13247c5dd625.exe

Resource

win7-20241010-en

xmrig discovery miner upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

8dd1e17add364bc1620cae1b935df162a39ef5f6a5232932cf5b13247c5dd625.exe

Resource

win10v2004-20241007-en

xmrig discovery miner upx

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  8dd1e17add364bc1620cae1b935df162a39ef5f6a5232932cf5b13247c5dd625
- Size
  
  916KB
- MD5
  
  47ce7fdd09c103f348bf25353aff6d98
- SHA1
  
  f71108f19aceb14258b7e1b772d3994b64a7a87b
- SHA256
  
  8dd1e17add364bc1620cae1b935df162a39ef5f6a5232932cf5b13247c5dd625
- SHA512
  
  18873a53f42b9bee5817b4ccf9bf3912c4f11b555d86b9b21e59bf489452ec47c8bcf46f827cbc559661a24b4d628dcb62bb02f0fb1de99f271c434775388d67
- SSDEEP
  
  12288:SvfyIIIzAClE7uDOch+h2ul/mJoz3Wdtp3ldri8L7nuWVJKajDZ1/zdP1T:esSzlEqF+hVcOwt1RfzfjDZ9BdT
Score

10^/10

xmrig discovery miner upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigdiscoveryminerupx

behavioral2

xmrigdiscoveryminerupx

© 2018-2024

Terms | Privacy