Behavioral task
behavioral1
Sample
8b241e4b88c4c8ed215e4f5963f942a2eda471ef0889a837ab802ddbf6029f34.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8b241e4b88c4c8ed215e4f5963f942a2eda471ef0889a837ab802ddbf6029f34.exe
Resource
win10v2004-20220414-en
General
-
Target
8b241e4b88c4c8ed215e4f5963f942a2eda471ef0889a837ab802ddbf6029f34
-
Size
17.7MB
-
MD5
09802b1a6906ada37d46dc89a493cf04
-
SHA1
535a1f164fa05df331f2fcd7a4cbd5270d1bd2bb
-
SHA256
8b241e4b88c4c8ed215e4f5963f942a2eda471ef0889a837ab802ddbf6029f34
-
SHA512
b16cd08667069de83191330d0b765d202dcabe4670845a62a791352d4b37eef813cc596d16fd8df13da8bc3dce6478a5480fdb2280459b6b9eb47e74ad820413
-
SSDEEP
196608:Ta9+6Y7SOEibgRkGBfWAzRUGBfWyr23mr23d18a9+6Y7SOEibgRkGBfWAzRUGBf4:TFgRlWAz/WJ18FgRlWAz/WJ1
Malware Config
Signatures
-
XMRig Miner Payload 1 IoCs
Processes:
resource yara_rule sample xmrig -
Xmrig family
-
Processes:
resource yara_rule sample upx -
NSIS installer 1 IoCs
Processes:
resource yara_rule sample nsis_installer_2
Files
-
8b241e4b88c4c8ed215e4f5963f942a2eda471ef0889a837ab802ddbf6029f34.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE