General

  • Target

    script.bat

  • Size

    793B

  • Sample

    250328-l8kpfsvscy

  • MD5

    f29c7cf031f619739012fdbfa95bba54

  • SHA1

    ccddd138b2e91a4da65da97ec11f2dc661782e60

  • SHA256

    5e45e7089ffaee30e35a4b61eb918255fbd60c8876956c039165c89a45b51717

  • SHA512

    1eaff6b177df441c856001e7b1367bc6697552f52249df64531d7eaa6ce5c3b05acfb8b6df791370acc7516cdc798b629693f3ce0b26062998ccd7fb558386e5

Score
10/10

Malware Config

Targets

    • Target

      script.bat

    • XMRig Miner payload

    • Xmrig family

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks
