ba900abbccb3863cefc4aac31300eb3d | Triage

Sharing

General

Target

ba900abbccb3863cefc4aac31300eb3d
Size

30KB
MD5

ba900abbccb3863cefc4aac31300eb3d
SHA1

61a6efdeffec38a278640b463fff35e3858e5173
SHA256

9d596eb3d5080db81cda994198d5471fdb7a329f92e7a1f76ba7cac445542eec
SHA512

ec6bfe690d74a919b49ad78fffae782ef07a3363a54260782d715f8b140f327ae637d6aca12cdd80410689450362b5631083789d94ed0e8c86935f3dfb422ce7
SSDEEP

768:ygw75ZtkSZopNi5Q0hILkKF2kPYkrfl6qwINmSTT:ygw1ZopSvhIQKF28v96qwI02

Score

9^/10

miner

Malware Config

Signatures

Detectes Phoenix Miner Payload 1 IoCs

resource	yara_rule
sample	miner_phoenix

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba900abbccb3863cefc4aac31300eb3d

Files

ba900abbccb3863cefc4aac31300eb3d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ