xmrig | df0b8317c535dfb3cb4e8a7bd57a6133d539f970818f3ad56976ebe1e5720dde

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
22-12-2024 18:52

Target

cd281ff82a8a64b290ea3f9c45cd3c5bc2d8a9709d3866928522e22eade91915.exe
Size

1.2MB
MD5

0536a46f8cc4c6520364fbbe295e50d7
SHA1

5efd7173bc0353b399bdd9bc6b6061da4da2ec91
SHA256

cd281ff82a8a64b290ea3f9c45cd3c5bc2d8a9709d3866928522e22eade91915
SHA512

052c77005b393512fe25d18de2f0baf09a9fca602dc575e2fd7b177ebe6fb2a34726287b0679718f60948f90d60440184beceb3460d3bae29ea76f97bdbbe531
SSDEEP

24576:sy+jMkaTDtuF6kYK2MS6+wxaD21EtYlsVVRylcOJLrTkHurKgC:syFkaTDtuMkxrU3t9icaLMuri

Score

10^/10

xmrig miner upx

Xmrig family
xmrig
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral1/memory/2112-1-0x0000000000400000-0x0000000000AF1000-memory.dmp	xmrig

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2112-2-0x0000000000400000-0x0000000000AF1000-memory.dmp	upx
behavioral1/memory/2112-1-0x0000000000400000-0x0000000000AF1000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\cd281ff82a8a64b290ea3f9c45cd3c5bc2d8a9709d3866928522e22eade91915.exe
"C:\Users\Admin\AppData\Local\Temp\cd281ff82a8a64b290ea3f9c45cd3c5bc2d8a9709d3866928522e22eade91915.exe"
1⤵
PID:2112

memory/2112-2-0x0000000000400000-0x0000000000AF1000-memory.dmp

Filesize
6.9MB

Download
memory/2112-1-0x0000000000400000-0x0000000000AF1000-memory.dmp

Filesize
6.9MB

Download
memory/2112-0-0x00000000002F0000-0x0000000000304000-memory.dmp

Filesize
80KB

Download