xmrig | f43db369e0af2af2f1b0abb8da9963e79f21c724b65d2a59db67ca5e4379fb19 | Triage

Submit
Reports

Overview

overview

Static

static

3

Fatality.exe

windows7-x64

Fatality.exe

windows10-2004-x64

Sharing

General

Target

Fatality.exe
Size

2.1MB
Sample

250124-25lekstkhx
MD5

ab637a979ba3f9e64730d0d64bf55dc7
SHA1

2701c106d3b66aa75852f82dfadef0c791e7bc87
SHA256

f43db369e0af2af2f1b0abb8da9963e79f21c724b65d2a59db67ca5e4379fb19
SHA512

120c9af2442d107d38bde79f80445bff0862e7dde6aa8c3388f0a69061588b0baee10e4ac9cfffcdb25728823e388bc6487e2fe447c758e4dd22d4168c8b7165
SSDEEP

49152:r6yNBEGdFePFvVY09GPY9YuQHz/ITi4Na:r6yv/dcbY6YzQi4Na

Score

10^/10

xmrig discovery execution miner

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Fatality.exe

Resource

win7-20240708-en

xmrig discovery execution miner

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Fatality.exe

Resource

win10v2004-20241007-en

xmrig execution miner

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Fatality.exe
- Size
  
  2.1MB
- MD5
  
  ab637a979ba3f9e64730d0d64bf55dc7
- SHA1
  
  2701c106d3b66aa75852f82dfadef0c791e7bc87
- SHA256
  
  f43db369e0af2af2f1b0abb8da9963e79f21c724b65d2a59db67ca5e4379fb19
- SHA512
  
  120c9af2442d107d38bde79f80445bff0862e7dde6aa8c3388f0a69061588b0baee10e4ac9cfffcdb25728823e388bc6487e2fe447c758e4dd22d4168c8b7165
- SSDEEP
  
  49152:r6yNBEGdFePFvVY09GPY9YuQHz/ITi4Na:r6yv/dcbY6YzQi4Na
Score

10^/10

xmrig discovery execution miner
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigdiscoveryexecutionminer

behavioral2

xmrigexecutionminer

© 2018-2025

Terms | Privacy