Errors

Reason
config extraction: GuloaderBin: guloader: invalid shellcode

General

  • Target

    NEAS.a709b4d8fd5b6675fbfdc8ed5f981a70.exe

  • Size

    1.2MB

  • MD5

    a709b4d8fd5b6675fbfdc8ed5f981a70

  • SHA1

    b6a6f030408341141c017e54ac494326536aefae

  • SHA256

    25ece939263391ee21403567cb29d5d6d64dbb615c7110a5e6d2c2f185a74443

  • SHA512

    ecc1a14b23f32ec6528f5b548f9ec10ac962ea5e946c8f2378a25cbb78e0dd3c0de45b2c856691ad7c8bc4e472125318708396b69ff9446c97510d40251a9d60

  • SSDEEP

    24576:JanwhSe11QSONCpGJCjETPlgQ5aILMCfmAUhrSO1YNWdvd:knw9oUUEEDld5aIwC+AUBsWH

Score
10/10

Malware Config

Signatures

  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.a709b4d8fd5b6675fbfdc8ed5f981a70.exe
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

