xmrig | d60931ac230ffd0dca4f8e372fb3c82716a3f71fe7c199b4c6a517aafc55305e

Sharing

Copy URL

Twitter E-mail

General

Target

d60931ac230ffd0dca4f8e372fb3c82716a3f71fe7c199b4c6a517aafc55305e
Size

10.2MB
MD5

f29a86fa16fc8c55acbfabe4fb388743
SHA1

e0e74d9f4454df636fd2fec10561af4fd5412353
SHA256

d60931ac230ffd0dca4f8e372fb3c82716a3f71fe7c199b4c6a517aafc55305e
SHA512

8e419c8ab1586151fa174e65e2b2505a499ab24a303a655d900619ebaaa24528f058409e04961b6bde2d8c131155f28c3d885fe46a148726467408475b806ebb
SSDEEP

196608:5PfFY99dwLiiHy/PDxknV3thXDUeulC8bAJJ99cd5:5PfFW9dwLiQyXDiJUZCSI99y5

Score

10^/10

miner themida xmrig

Malware Config

Signatures

XMRig Miner Payload 1 IoCs
miner

Processes:

resource yara_rule

sample xmrig
Xmrig family
xmrig
Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

resource	yara_rule
sample	xmrig

resource	yara_rule
sample	themida

Files

d60931ac230ffd0dca4f8e372fb3c82716a3f71fe7c199b4c6a517aafc55305e
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 888KB - Virtual size: 888KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RANDOMX
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 888KB - Virtual size: 888KB

.data Size: 49KB - Virtual size: 3.1MB

.pdata Size: 120KB - Virtual size: 119KB

_RANDOMX Size: 1KB - Virtual size: 1KB

_TEXT_CN Size: 6KB - Virtual size: 6KB

_TEXT_CN Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 31KB

.idata Size: 512B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.themida Size: 6.2MB - Virtual size: 6.2MB

.reloc Size: 16B - Virtual size: 4KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 888KB - Virtual size: 888KB

.data
Size: 49KB - Virtual size: 3.1MB

.pdata
Size: 120KB - Virtual size: 119KB

_RANDOMX
Size: 1KB - Virtual size: 1KB

_TEXT_CN
Size: 6KB - Virtual size: 6KB

_TEXT_CN
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 31KB

.idata
Size: 512B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.themida
Size: 6.2MB - Virtual size: 6.2MB

.reloc
Size: 16B - Virtual size: 4KB