Overview

overview

10

Static

static

10

2025-02-02...ig.exe

windows7-x64

10

2025-02-02...ig.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2025, 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2025-02-02_18079e35fed632b63ae1559bf00d2993_cobalt-strike_polyvice_xmrig.exe

  • Size

    6.8MB

  • MD5

    18079e35fed632b63ae1559bf00d2993

  • SHA1

    661dd819abac6056db1deb311c12ebac3105670e

  • SHA256

    5b6555f34bfabd324ef4787060200f56d299844e5097eb563cebb62044a05348

  • SHA512

    c32056c43884ed59933594e5eda6d5713e923a2b881c2e31153155e3c2a34d8c4171eca28c1ca8e9593bceee0b93a232a25a57ef1e9d7515493fef6d36419cb0

  • SSDEEP

    98304:i0C2IPwX7GtpTc0GgM7Sbbhivcug3tYw9DGZ5VjO+jMaHE5Sc+NLZz+vwjXRsuhV:il1iZ3STwLR1xsLvEWPv+

Score
10/10
xmrigminer

Malware Config

Signatures

  • Xmrig family
    xmrig
  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig
  • XMRig Miner payload 1 IoCs
    miner

Processes

  • C:\Users\Admin\AppData\Local\Temp\2025-02-02_18079e35fed632b63ae1559bf00d2993_cobalt-strike_polyvice_xmrig.exe
    "C:\Users\Admin\AppData\Local\Temp\2025-02-02_18079e35fed632b63ae1559bf00d2993_cobalt-strike_polyvice_xmrig.exe"
    1⤵
      PID:1556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1556-0-0x0000000000F90000-0x0000000000FA4000-memory.dmp

      Filesize

      80KB

      Download

    • memory/1556-1-0x0000000000400000-0x0000000000DFB000-memory.dmp

      Filesize

      10.0MB

      Download