xmrig | ef5f677774c123302378c32c263112d5f9785fb80f3b02c7b8d3ea4503042900 | Triage

Submit
Reports

Overview

overview

Static

static

2025-05-11...ig.exe

windows10-2004-x64

2025-05-11...ig.exe

windows11-21h2-x64

Sharing

Copy URL Twitter E-mail

General

Target

2025-05-11_ff996e298ca8df9b5bf5fb2a28bdd6af_aspxspy_black-basta_poison-ivy_xmrig
Size

2.7MB
Sample

250511-gksb6swsdx
MD5

ff996e298ca8df9b5bf5fb2a28bdd6af
SHA1

cda087cef140a1ce8f5341d9fd3f56d00a9a05ec
SHA256

ef5f677774c123302378c32c263112d5f9785fb80f3b02c7b8d3ea4503042900
SHA512

9fc3681784bb3c7413f63a36e6b44d234fdc54fafab4efb675605e854f2482a06da0cc4200782459df71cf0ce53990aeb91eec7cbc03be818943982dbfd6e7bf
SSDEEP

49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcmWH/xDyNdHs:w0GnJMOWPClFdx6e0EALKWVTffZiPAcN

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

2025-05-11_ff996e298ca8df9b5bf5fb2a28bdd6af_aspxspy_black-basta_poison-ivy_xmrig.exe

Resource

win10v2004-20250502-en

xmrig miner upx

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-05-11_ff996e298ca8df9b5bf5fb2a28bdd6af_aspxspy_black-basta_poison-ivy_xmrig.exe

Resource

win11-20250502-en

xmrig miner persistence privilege_escalation upx

windows11-21h2-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-05-11_ff996e298ca8df9b5bf5fb2a28bdd6af_aspxspy_black-basta_poison-ivy_xmrig
- Size
  
  2.7MB
- MD5
  
  ff996e298ca8df9b5bf5fb2a28bdd6af
- SHA1
  
  cda087cef140a1ce8f5341d9fd3f56d00a9a05ec
- SHA256
  
  ef5f677774c123302378c32c263112d5f9785fb80f3b02c7b8d3ea4503042900
- SHA512
  
  9fc3681784bb3c7413f63a36e6b44d234fdc54fafab4efb675605e854f2482a06da0cc4200782459df71cf0ce53990aeb91eec7cbc03be818943982dbfd6e7bf
- SSDEEP
  
  49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcmWH/xDyNdHs:w0GnJMOWPClFdx6e0EALKWVTffZiPAcN
Score

10^/10

xmrig miner upx persistence privilege_escalation
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy

	
		OSZAR »