xmrig | 9522b7fd024715019a3282d05e45fab9bdeae596301aef54ada0694eae0dc035

Analysis

max time kernel
93s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20250129-en
resource tags

arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
submitted
01-02-2025 15:45

Target

2025-02-01_885def1defca19fe9c09905f5f0961e8_cobalt-strike_cobaltstrike_poet-rat.exe
Size

5.9MB
MD5

885def1defca19fe9c09905f5f0961e8
SHA1

634b3ed12bb0ece9ac21a3fa5667f29f44632712
SHA256

9522b7fd024715019a3282d05e45fab9bdeae596301aef54ada0694eae0dc035
SHA512

adf42b59f7b6f05096c025803c31075f60addcbc9cc42759da82b0c37da20dc313fa0afe4fc5edb6c090e8c5aa94d462b569b21e5d64de0ee4edf3372bf73f8e
SSDEEP

98304:demTLkNdfE0pZ3u56utgpPFotBER/mQ32lUw:E+b56utgpPF8u/7w

Score

10^/10

xmrig miner upx

Xmrig family
xmrig
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral2/memory/216-0-0x00007FF6E92C0000-0x00007FF6E9614000-memory.dmp	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/216-0-0x00007FF6E92C0000-0x00007FF6E9614000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2025-02-01_885def1defca19fe9c09905f5f0961e8_cobalt-strike_cobaltstrike_poet-rat.exe
"C:\Users\Admin\AppData\Local\Temp\2025-02-01_885def1defca19fe9c09905f5f0961e8_cobalt-strike_cobaltstrike_poet-rat.exe"
1⤵
PID:216

memory/216-0-0x00007FF6E92C0000-0x00007FF6E9614000-memory.dmp

Filesize
3.3MB

Download