xmrig | c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...0a.exe

windows7-x64

JaffaCakes...0a.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a
Size

3.8MB
Sample

241223-qlnj2szrdv
MD5

febbbf7688c6f15d39363a08b3dac195
SHA1

ebd948f60ce0c512b1ad07bd9d75ceefce0a7074
SHA256

c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a
SHA512

cb19ea8724f1e4a72807b8025546bca19381e3f040af2a6fc537c2f94d3985705ec4db4a69767223e9af1809a9c3d3eea6d521f82eb5141dfd31daeb4776185a
SSDEEP

49152:EnCbL83y9FdfE0pZ0zCa4wI156uL3pgrCEdMKPFotsgEBr6GjvzW+UBA3Gd7p9:EniLf9FdfE0pZB156utgpPFotBER/Q

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a.exe

Resource

win7-20240903-en

xmrig miner persistence privilege_escalation upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a
- Size
  
  3.8MB
- MD5
  
  febbbf7688c6f15d39363a08b3dac195
- SHA1
  
  ebd948f60ce0c512b1ad07bd9d75ceefce0a7074
- SHA256
  
  c30ab6e6867751e827115546dc98d35ef62209358c0c81354b1d67c05278880a
- SHA512
  
  cb19ea8724f1e4a72807b8025546bca19381e3f040af2a6fc537c2f94d3985705ec4db4a69767223e9af1809a9c3d3eea6d521f82eb5141dfd31daeb4776185a
- SSDEEP
  
  49152:EnCbL83y9FdfE0pZ0zCa4wI156uL3pgrCEdMKPFotsgEBr6GjvzW+UBA3Gd7p9:EniLf9FdfE0pZB156utgpPFotBER/Q
Score

10^/10

xmrig miner persistence privilege_escalation upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceprivilege_escalationupx

behavioral2

© 2018-2024

Terms | Privacy