Overview

overview

10

Static

static

10

config.zip

windows7-x64

1

config.zip

windows10-2004-x64

1

config.json

windows7-x64

3

config.json

windows10-2004-x64

3

xmrig.exe

windows7-x64

1

xmrig.exe

windows10-2004-x64

1

Resubmissions

01-02-2025 16:22

250201-tt9n2askfq 10

01-02-2025 16:20

250201-ts4fmaskdj 10

01-02-2025 16:08

250201-tk7s3s1qfj 10

Analysis

  • max time kernel
    25s
  • max time network
    29s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250129-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-02-2025 16:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xmrig.exe

  • Size

    6.1MB

  • MD5

    f6d520ae125f03056c4646c508218d16

  • SHA1

    f65e63d14dd57eadb262deaa2b1a8a965a2a962c

  • SHA256

    d2fcf28897ddc2137141d838b734664ff7592e03fcd467a433a51cb4976b4fb1

  • SHA512

    d1ec3da141ce504993a0cbf8ea4b719ffa40a2be4941c18ffc64ec3f71435f7bddadda6032ec0ae6cada66226ee39a2012079ed318df389c7c6584ad3e1c334d

  • SSDEEP

    98304:JtRK2Xvf49fuI0nBkLuFvJr4XGCkc/zF2fz5IZ4ePzpS+KdbjrD/6K+TU3nA:I2Xv42VKzYz6Z4qSndf3D+TU3A

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\xmrig.exe
    "C:\Users\Admin\AppData\Local\Temp\xmrig.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3172-0-0x000001CCA5090000-0x000001CCA50B0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3172-1-0x000001CCA50E0000-0x000001CCA5100000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3172-3-0x000001CCA5120000-0x000001CCA5140000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3172-2-0x000001CCA5100000-0x000001CCA5120000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3172-4-0x000001CCA5100000-0x000001CCA5120000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3172-5-0x000001CCA5120000-0x000001CCA5140000-memory.dmp

    Filesize

    128KB

    Download