{
	"id": "afa566b9-2a78-4063-9bdf-f937b0e236dd",
	"created_at": "2026-04-06T00:22:26.434533Z",
	"updated_at": "2026-04-10T03:21:14.655029Z",
	"deleted_at": null,
	"sha1_hash": "45f86c8e645a330860108cd37bc2ad4b8cf2ea64",
	"title": "xmrig (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 30970,
	"plain_text": "xmrig (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 21:24:27 UTC\r\nxmrig\r\nAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to\r\nmine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems\r\nwithout users' consent. This deceptive marketing method is called \"bundling\".\r\nIn most cases, \"bundling\" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a\r\nhigh probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and\r\ngather sensitive information.\r\nReferences\r\nThere is no Yara-Signature yet.\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig"
	],
	"report_names": [
		"win.xmrig"
	],
	"threat_actors": [],
	"ts_created_at": 1775434946,
	"ts_updated_at": 1775791274,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/45f86c8e645a330860108cd37bc2ad4b8cf2ea64.pdf",
		"text": "https://archive.orkl.eu/45f86c8e645a330860108cd37bc2ad4b8cf2ea64.txt",
		"img": "https://archive.orkl.eu/45f86c8e645a330860108cd37bc2ad4b8cf2ea64.jpg"
	}
}