xmrig | f7057197dbade38a7383174f32224a83589fa8ac824e068f339512e23b220d5b | Triage

Submit
Reports

Overview

overview

Static

static

2025-05-11...ig.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2025-05-11_4fd19c4b477887f4336fa8a779dcafdd_aspxspy_black-basta_poison-ivy_xmrig
Size

2.7MB
Sample

250511-grkwnsgj4s
MD5

4fd19c4b477887f4336fa8a779dcafdd
SHA1

d0f05dece22301985f5021c6da3a16b0f992c7ac
SHA256

f7057197dbade38a7383174f32224a83589fa8ac824e068f339512e23b220d5b
SHA512

bface51117b803f02eb2f4b86a07e9961264e2dd5d8edcb414a560ba7be1fc58c18e9f8dea60ec8d8f475a8174bf980b1764435ab175fc65f6431be2a54a6522
SSDEEP

49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcmWH/xDyNdHs:w0GnJMOWPClFdx6e0EALKWVTffZiPAcZ

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

2025-05-11_4fd19c4b477887f4336fa8a779dcafdd_aspxspy_black-basta_poison-ivy_xmrig.exe

Resource

win10v2004-20250502-en

xmrig miner persistence privilege_escalation upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-05-11_4fd19c4b477887f4336fa8a779dcafdd_aspxspy_black-basta_poison-ivy_xmrig
- Size
  
  2.7MB
- MD5
  
  4fd19c4b477887f4336fa8a779dcafdd
- SHA1
  
  d0f05dece22301985f5021c6da3a16b0f992c7ac
- SHA256
  
  f7057197dbade38a7383174f32224a83589fa8ac824e068f339512e23b220d5b
- SHA512
  
  bface51117b803f02eb2f4b86a07e9961264e2dd5d8edcb414a560ba7be1fc58c18e9f8dea60ec8d8f475a8174bf980b1764435ab175fc65f6431be2a54a6522
- SSDEEP
  
  49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcmWH/xDyNdHs:w0GnJMOWPClFdx6e0EALKWVTffZiPAcZ
Score

10^/10

xmrig miner persistence privilege_escalation upx
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigminerpersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy

	
		OSZAR »