xmrig | fe135b7c27c0b874bdfecfeb77163ab72edb54a1b342753f2579dde6daecc39d

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2024 06:24

Target

2024-12-26_026b2fe0bb8937e4c024ff75faebcbe9_cobalt-strike_cobaltstrike_poet-rat.exe
Size

6.1MB
MD5

026b2fe0bb8937e4c024ff75faebcbe9
SHA1

5dc901781df5bc33e0d81e7b044111e24f92f80f
SHA256

fe135b7c27c0b874bdfecfeb77163ab72edb54a1b342753f2579dde6daecc39d
SHA512

1a175653c2177682e275b053d5516ece51b6d1d44215e15103b99de1662a2111264a05a88a33c0cb5be02d087ff050efc1bd533d3629483a3e8bb7cd45945424
SSDEEP

98304:IapSdlWdfE0pZPD56utgpPFotBER/mQ32lUi:32Y56utgpPF8u/7i

Score

10^/10

xmrig miner upx

Xmrig family
xmrig
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/392-0-0x00007FF7FF600000-0x00007FF7FF954000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/392-0-0x00007FF7FF600000-0x00007FF7FF954000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-12-26_026b2fe0bb8937e4c024ff75faebcbe9_cobalt-strike_cobaltstrike_poet-rat.exe
"C:\Users\Admin\AppData\Local\Temp\2024-12-26_026b2fe0bb8937e4c024ff75faebcbe9_cobalt-strike_cobaltstrike_poet-rat.exe"
1⤵
PID:392

memory/392-0-0x00007FF7FF600000-0x00007FF7FF954000-memory.dmp

Filesize
3.3MB

Download