Summary | ZeroBOX

xmrig.exe

UPX PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6402 June 25, 2021, 8:44 a.m. June 25, 2021, 9 a.m.
Size 1.0MB
Type PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5 11029e2a2f75c2b8612c197e3636e37d
SHA256 6149ffed21e740cac12aa61b2fdd17248cbd3e51bab2289d2766aad1d29df910
CRC32 AD519109
ssdeep 24576:W06jX7e+lMosIzw5igcbhTlRRgJ9lmDgoAEb45JiqRSr44n5/:W06pzsIzwxcbhJRRgJ9lmJs5Jiqg
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.25.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated
WriteConsoleA buffer: u console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: n console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: a console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: b console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: l console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: e console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: t console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: o console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: o console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: p console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: e console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: n console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: C console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: U console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: s console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: e console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: r console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: s console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: t console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: e console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: s console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: t console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: A console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: p console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: p console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: D console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: a console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: t console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: a console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: L console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: o console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: c console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: a console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: l console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: T console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: e console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: m console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: p console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: c console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: o console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: n console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: f console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: i console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: g console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: j console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: s console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: o console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: n console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: n console_handle: 0x0000000b 1 1 0
WriteConsoleA buffer: o console_handle: 0x0000000b 1 1 0
host 172.217.25.14
Bkav W32.CoinMinerABXTTc.Worm
MicroWorld-eScan Generic.Application.CoinMiner.1.D6FFECAC
CAT-QuickHeal Trojan.CoinMiner.S1914589
McAfee PUP-XDE-MB
Malwarebytes RiskWare.BitCoinMiner
Zillya Trojan.Miner.Win32.3002
SUPERAntiSpyware Hack.Tool/Gen-BitCoinMiner
Sangfor Malware
CrowdStrike win/malicious_confidence_100% (D)
Alibaba RiskWare:Win32/Miners.acb4e676
K7GW Unwanted-Program ( 005127b71 )
K7AntiVirus Trojan ( 0053a0551 )
Arcabit Generic.Application.CoinMiner.1.D6FFECAC
Invincea heuristic
Cyren W32/CoinMiner.J.gen!Eldorado
Symantec Miner.XMRig!gen1
ESET-NOD32 a variant of Win32/CoinMiner.DQ potentially unwanted
APEX Malicious
Paloalto generic.ml
ClamAV Win.Coinminer.Generic-7151253-0
Kaspersky not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen
BitDefender Generic.Application.CoinMiner.1.D6FFECAC
NANO-Antivirus Trojan.Win32.CoinMiner.eyxdvb
AegisLab Riskware.Win32.BitMiner.1!c
Avast Win32:CryptoMiner-L [Trj]
Rising Trojan.Win32/64.XMR-Miner!1.ADCC (CLOUD)
Ad-Aware Generic.Application.CoinMiner.1.D6FFECAC
Sophos XMRig Miner (PUA)
Comodo ApplicUnwnt@#2x56osth7wg0a
F-Secure Heuristic.HEUR/AGEN.1133533
DrWeb Trojan.Starter.7606
VIPRE Trojan.Win32.Generic!BT
TrendMicro Coinminer.Win32.MALXMR.SMBM4
Fortinet W32/CryptoMiner.L!tr
Trapmine malicious.high.ml.score
FireEye Generic.mg.11029e2a2f75c2b8
Emsisoft Generic.Application.CoinMiner.1.D6FFECAC (B)
SentinelOne DFI - Malicious PE
F-Prot W32/CoinMiner.J.gen!Eldorado
Jiangmin Trojan.Miner.bsh
Webroot W32.Bitcoinminer.Gen
Avira HEUR/AGEN.1133533
MAX malware (ai score=99)
Antiy-AVL Trojan/Win32.Miner
Endgame malicious (high confidence)
Microsoft PUA:Win32/CoinMiner
ZoneAlarm not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win64.Miner.R213290
Acronis suspicious