xmrig | d75045c6e948268d55d0ff970c824cfc8e3591edb9be7d2fe2eb15a4d3a135b7 | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-07...ig.exe

windows10-2004-x64

Sharing

General

Target

2025-04-07_63f41cbe2726217b95b91b7eea0fca44_black-basta_ezcob_xmrig
Size

4.4MB
Sample

250407-nbdwraxtey
MD5

63f41cbe2726217b95b91b7eea0fca44
SHA1

67e7904b518626ebd99e6f4dcce9d51c35403420
SHA256

d75045c6e948268d55d0ff970c824cfc8e3591edb9be7d2fe2eb15a4d3a135b7
SHA512

b190f12c44b184ba2e1ac93dc7b4a4e869414f3c0b3e3f50ac861ae49af2cabcf8c6acf9e9556d55358e601486c8ad246fba7810ecf0f753b468d44a9de1e5de
SSDEEP

98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr87:zbBeSFkd

Score

10^/10

xmrig execution miner upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

2025-04-07_63f41cbe2726217b95b91b7eea0fca44_black-basta_ezcob_xmrig.exe

Resource

win10v2004-20250314-en

xmrig execution miner upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-07_63f41cbe2726217b95b91b7eea0fca44_black-basta_ezcob_xmrig
- Size
  
  4.4MB
- MD5
  
  63f41cbe2726217b95b91b7eea0fca44
- SHA1
  
  67e7904b518626ebd99e6f4dcce9d51c35403420
- SHA256
  
  d75045c6e948268d55d0ff970c824cfc8e3591edb9be7d2fe2eb15a4d3a135b7
- SHA512
  
  b190f12c44b184ba2e1ac93dc7b4a4e869414f3c0b3e3f50ac861ae49af2cabcf8c6acf9e9556d55358e601486c8ad246fba7810ecf0f753b468d44a9de1e5de
- SSDEEP
  
  98304:z1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHr87:zbBeSFkd
Score

10^/10

xmrig execution miner upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigexecutionminerupx

© 2018-2025

Terms | Privacy