Behavioral task: behavioral1
Sample: NEAS.2d6bc5e78196421bfd6f7a8c26ec2580.exe
Resource: win7-20231023-en
General
Target: NEAS.2d6bc5e78196421bfd6f7a8c26ec2580.exe
Size: 2.3MB
MD5: 2d6bc5e78196421bfd6f7a8c26ec2580
SHA1: 847b2836913964a4037cc544cf137c4d027d68f6
SHA256: 58d8da395daa4fee4f92124e62fd3135abdbf9cd7afc0ee08223df51fb5c4efd
SHA512: 10d117c7cb986d81aa596a61e2c03e2e9f8d6a8f113d919e2cbe69e4d55e7a3c5765b57e885b527c0ba81c7dbd523386cea0640c5aa51ba7cbafc164de3de525
SSDEEP: 49152:BezaTF8FcNkNdfE0pZ9ozt4wIlMmSdp2PIeTJm2AaY4C:BemTLkNdfE0pZr6
Malware Config
Signatures
XMRig Miner payload 1 IoCs
resource: sample, yara_rule: xmrig
Xmrig family

resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: NEAS.2d6bc5e78196421bfd6f7a8c26ec2580.exe
Files
NEAS.2d6bc5e78196421bfd6f7a8c26ec2580.exe.exe windows:6 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 724KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE