xmrig | 474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0 | Triage

Submit
Reports

Overview

overview

Static

static

474c03fbf3...b0.exe

windows7-x64

474c03fbf3...b0.exe

windows10-2004-x64

Sharing

General

Target

474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0
Size

1.8MB
Sample

241224-1madxsykhp
MD5

1ead5cded7df2ceb556331ef03c5e884
SHA1

0bc59da1ee759c5075b87d0aeedff3cba9e3f66a
SHA256

474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0
SHA512

28114581e56202c544144153aa252718e17becb45faecb66935f1742581e8c8f0a760e3a2a0292e023b87a8f96c5782d6ff5f20753ffff3175c0bb07b4286f75
SSDEEP

49152:GezaTF8FcNkNdfE0pZ9ozttwIRRvzc26JxSUi:GemTLkNdfE0pZyH

Score

10^/10

xmrig miner persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0.exe

Resource

win7-20240903-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0.exe

Resource

win10v2004-20241007-en

xmrig miner persistence

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0
- Size
  
  1.8MB
- MD5
  
  1ead5cded7df2ceb556331ef03c5e884
- SHA1
  
  0bc59da1ee759c5075b87d0aeedff3cba9e3f66a
- SHA256
  
  474c03fbf337c87469393b5035cea023ba25f2aac78c4d890f265dc750cf20b0
- SHA512
  
  28114581e56202c544144153aa252718e17becb45faecb66935f1742581e8c8f0a760e3a2a0292e023b87a8f96c5782d6ff5f20753ffff3175c0bb07b4286f75
- SSDEEP
  
  49152:GezaTF8FcNkNdfE0pZ9ozttwIRRvzc26JxSUi:GemTLkNdfE0pZyH
Score

10^/10

xmrig miner persistence
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistence

© 2018-2025

Terms | Privacy