xmrig | 31f21a49299d074e17b8c6a532bdd52336c237e213c829a6c1de43a46a4d854b | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-07...ig.exe

windows10-2004-x64

Sharing

General

Target

2025-04-07_27e56b51576319f65fdb43064a0f6fae_aspxspy_black-basta_ezcob_imuler_xmrig
Size

5.7MB
Sample

250407-m24pesw1hs
MD5

27e56b51576319f65fdb43064a0f6fae
SHA1

6a2f296ebe2209a2c211be3f57be0b1b2352c879
SHA256

31f21a49299d074e17b8c6a532bdd52336c237e213c829a6c1de43a46a4d854b
SHA512

a2240b5e773bda32dd6577ec6e2fea4296cc8b7877a90ed1ff0c9e44a84322b44d78781f3b6ea4adf2034edc60b5508d1396d4288c28a0c1ccc6aafc444a9bad
SSDEEP

98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr86:zbBeSFk8

Score

10^/10

xmrig execution miner upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

2025-04-07_27e56b51576319f65fdb43064a0f6fae_aspxspy_black-basta_ezcob_imuler_xmrig.exe

Resource

win10v2004-20250314-en

xmrig execution miner upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-07_27e56b51576319f65fdb43064a0f6fae_aspxspy_black-basta_ezcob_imuler_xmrig
- Size
  
  5.7MB
- MD5
  
  27e56b51576319f65fdb43064a0f6fae
- SHA1
  
  6a2f296ebe2209a2c211be3f57be0b1b2352c879
- SHA256
  
  31f21a49299d074e17b8c6a532bdd52336c237e213c829a6c1de43a46a4d854b
- SHA512
  
  a2240b5e773bda32dd6577ec6e2fea4296cc8b7877a90ed1ff0c9e44a84322b44d78781f3b6ea4adf2034edc60b5508d1396d4288c28a0c1ccc6aafc444a9bad
- SSDEEP
  
  98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr86:zbBeSFk8
Score

10^/10

xmrig execution miner upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy