xmrig | 33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4 | Triage

Submit
Reports

Overview

overview

Static

static

33dcde3953...cs.exe

windows7-x64

33dcde3953...cs.exe

windows10-2004-x64

Sharing

General

Target

33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4_NeikiAnalytics.exe
Size

2.0MB
Sample

240701-elhg9ayfpr
MD5

b918690827446bacedfe31e0dfbf4670
SHA1

8a41c9259104e4eb516bd8f195a906fb602e07f5
SHA256

33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4
SHA512

1c82ba3ad0d18f0ef5837e42a3fbeecf51843393e619a03839bb99b2f7fa6ae8ca9fd068250227407a55b124184ce4f135e53289e16e5ad55fd55d2dd78b2f7d
SSDEEP

49152:Lz071uv4BPMkyW10/w16BvZX71Fq8+w4a9g:NABj

Score

10^/10

xmrig execution miner upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4_NeikiAnalytics.exe

Resource

win7-20240508-en

xmrig execution miner upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

xmrig execution miner upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4_NeikiAnalytics.exe
- Size
  
  2.0MB
- MD5
  
  b918690827446bacedfe31e0dfbf4670
- SHA1
  
  8a41c9259104e4eb516bd8f195a906fb602e07f5
- SHA256
  
  33dcde3953caeb83157fd64a00221ad1ffb85300062a51294d2ac1f25ffeced4
- SHA512
  
  1c82ba3ad0d18f0ef5837e42a3fbeecf51843393e619a03839bb99b2f7fa6ae8ca9fd068250227407a55b124184ce4f135e53289e16e5ad55fd55d2dd78b2f7d
- SSDEEP
  
  49152:Lz071uv4BPMkyW10/w16BvZX71Fq8+w4a9g:NABj
Score

10^/10

xmrig execution miner upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xmrigexecutionminerupx

behavioral2

xmrigexecutionminerupx

© 2018-2024

Terms | Privacy