xmrig | 607626fde0a0263edd41db4721523682cb343600ef083fc78f23f04ca8be04b1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

mBBBgvD.exe

windows11-21h2-x64

Sharing

General

Target

mBBBgvD.exe
Size

2.3MB
Sample

250301-twg2ssvzfs
MD5

120b148606efb6400aa3aeb9ce44a668
SHA1

e7488d6d0893c4d074f69718c8ee32da42d98207
SHA256

607626fde0a0263edd41db4721523682cb343600ef083fc78f23f04ca8be04b1
SHA512

6a5888c08f9378805978f53fd01a93dcc7f202198c12e57376c794e3f60d04c1b67dd6f51156c2ded32ae318cf73baa2b9f811fe1e99de4ddc86ac35bc2a2a43
SSDEEP

49152:W1vr8uwYtUeKFj/c2e4r7XplKVZo0juLx1hZf18E2yujq3:W1freFj/c2e4rinaj8E2hg

Score

10^/10

xmrig xworm discovery miner rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

mBBBgvD.exe

Resource

win11-20250217-en

xmrig xworm discovery miner rat trojan

windows11-21h2-x64

13 signatures

900 seconds

Malware Config

Extracted

Family

xworm

C2

95.164.19.68:1987

Mutex

humtwXiPPZ6S5Ma5

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  mBBBgvD.exe
- Size
  
  2.3MB
- MD5
  
  120b148606efb6400aa3aeb9ce44a668
- SHA1
  
  e7488d6d0893c4d074f69718c8ee32da42d98207
- SHA256
  
  607626fde0a0263edd41db4721523682cb343600ef083fc78f23f04ca8be04b1
- SHA512
  
  6a5888c08f9378805978f53fd01a93dcc7f202198c12e57376c794e3f60d04c1b67dd6f51156c2ded32ae318cf73baa2b9f811fe1e99de4ddc86ac35bc2a2a43
- SSDEEP
  
  49152:W1vr8uwYtUeKFj/c2e4r7XplKVZo0juLx1hZf18E2yujq3:W1freFj/c2e4rinaj8E2hg
Score

10^/10

xmrig xworm discovery miner rat trojan
- Detect Xworm Payload
- Xmrig family
  xmrig
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigxwormdiscoveryminerrattrojan

© 2018-2025

Terms | Privacy