xmrig | 1ab212f1a2b1c43697d106488e5c210471027ea1e372cb9c4976dd13269c5452 | Triage

Submit
Reports

Overview

overview

Static

static

2025-05-11...ig.exe

windows10-2004-x64

2025-05-11...ig.exe

windows11-21h2-x64

Sharing

Copy URL Twitter E-mail

General

Target

2025-05-11_dcacbdc3704ec1293d1cb252ba8f59d2_black-basta_imuler_poison-ivy_xmrig
Size

2.8MB
Sample

250511-jlm5ysyjv2
MD5

dcacbdc3704ec1293d1cb252ba8f59d2
SHA1

52f7490cf4fd1d34b2ef6f3e360475f5e6d7032c
SHA256

1ab212f1a2b1c43697d106488e5c210471027ea1e372cb9c4976dd13269c5452
SHA512

f542bde6e53eed0a2869e1126b7e7ffbefcb6c582d739e4f38fbfed460dfe1564fac7aebe2cc872a22c5a9ea3f5ed6cdaa0e20c6749b8282e3bfc743bc46b88d
SSDEEP

49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUh+hNFcGv1Y:w0GnJMOWPClFdx6e0EALKWVTffZiPAcq

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

miner upx xmrig

4 signatures

Behavioral task

behavioral1

Sample

2025-05-11_dcacbdc3704ec1293d1cb252ba8f59d2_black-basta_imuler_poison-ivy_xmrig.exe

Resource

win10v2004-20250502-en

xmrig miner upx

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-05-11_dcacbdc3704ec1293d1cb252ba8f59d2_black-basta_imuler_poison-ivy_xmrig.exe

Resource

win11-20250508-en

xmrig miner persistence privilege_escalation upx

windows11-21h2-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-05-11_dcacbdc3704ec1293d1cb252ba8f59d2_black-basta_imuler_poison-ivy_xmrig
- Size
  
  2.8MB
- MD5
  
  dcacbdc3704ec1293d1cb252ba8f59d2
- SHA1
  
  52f7490cf4fd1d34b2ef6f3e360475f5e6d7032c
- SHA256
  
  1ab212f1a2b1c43697d106488e5c210471027ea1e372cb9c4976dd13269c5452
- SHA512
  
  f542bde6e53eed0a2869e1126b7e7ffbefcb6c582d739e4f38fbfed460dfe1564fac7aebe2cc872a22c5a9ea3f5ed6cdaa0e20c6749b8282e3bfc743bc46b88d
- SSDEEP
  
  49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUh+hNFcGv1Y:w0GnJMOWPClFdx6e0EALKWVTffZiPAcq
Score

10^/10

xmrig miner upx persistence privilege_escalation
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xmrigminerpersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy

	
		OSZAR »