xmrig | 378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb | Triage

Submit
Reports

Overview

overview

Static

static

378ec7f421...cs.exe

windows7-x64

378ec7f421...cs.exe

windows10-2004-x64

Sharing

General

Target

378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb_NeikiAnalytics.exe
Size

1.7MB
Sample

240701-fr7vrsxbnc
MD5

c1d40aee5f1d941aa167e9574f68cf10
SHA1

2f0e76220413cfeb06bccd5d8913179af4d3608c
SHA256

378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb
SHA512

c5412b9ada27c026a93f90eec68deeec97ac0f41a21385d9ada3bf09969b36783471aa60e3b9a0d3be1d7f05ed24572a8a20b6cf4621769737304f1e52c8b4bc
SSDEEP

24576:JanwhSe11QSONCpGJCjETPlia+zzDwGpmbqD0CkG0L2tQZgGV0Bm2YkYnKwaAt0F:knw9oUUEEDlnJ2k2oj6tPYnAV/z

Score

10^/10

xmrig miner persistence privilege_escalation upx

Static task

static1

upx miner xmrig

4 signatures

Behavioral task

behavioral1

Sample

378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb_NeikiAnalytics.exe

Resource

win7-20240221-en

xmrig miner persistence privilege_escalation upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

xmrig miner upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb_NeikiAnalytics.exe
- Size
  
  1.7MB
- MD5
  
  c1d40aee5f1d941aa167e9574f68cf10
- SHA1
  
  2f0e76220413cfeb06bccd5d8913179af4d3608c
- SHA256
  
  378ec7f4214dc7d7194b59e5b30a790703963d2143c903340b63fe720b2fcceb
- SHA512
  
  c5412b9ada27c026a93f90eec68deeec97ac0f41a21385d9ada3bf09969b36783471aa60e3b9a0d3be1d7f05ed24572a8a20b6cf4621769737304f1e52c8b4bc
- SSDEEP
  
  24576:JanwhSe11QSONCpGJCjETPlia+zzDwGpmbqD0CkG0L2tQZgGV0Bm2YkYnKwaAt0F:knw9oUUEEDlnJ2k2oj6tPYnAV/z
Score

10^/10

xmrig miner persistence privilege_escalation upx
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xmrigminerpersistenceprivilege_escalationupx

behavioral2

© 2018-2024

Terms | Privacy