miner-cpu-win[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

miner-cpu-win.zip
Size

687KB
MD5

91809f05e59a5d2d15c1542882b98767
SHA1

5a60e596e3d60f394300ab9bc89372e108a93de9
SHA256

1d30a3c299ff1e7b91a8b0a21e1ec0c548b45f00f9b62ab515b75d4b17a66ff7
SHA512

3fd2d329e5b81ca30473fae3c1d9823b5077e9eab33ade0961ca403a82b1fbe3ccd6b267431a83ca54a42a31008af82cea84f361e425e44c64ea70c0db6cb033
SSDEEP

12288:mP3oFtz5d/2Z+pj5NQNrmkaiRB+EFoKcd9SQte245ZV5j7Hpjor+toyxQ:Uo/L/m0AYkLxKKc3S/H5HeroooQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Miner/cpuminer-allium-x64.exe

Files

miner-cpu-win.zip
.zip
Miner/cpuminer-allium-x64.exe
.exe windows:6 windows x64 arch:x64

26fcab88fe1f13a49918e57b6bb01f1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentProcess
SetProcessAffinityMask
SetThreadPriority
Sleep
GetCurrentThread
FreeConsole
GetSystemInfo
GetConsoleWindow
SetPriorityClass
SetConsoleCtrlHandler
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
WriteFile
RtlVirtualUnwind
WideCharToMultiByte
PeekNamedPipe
ReadFile
GetFileType
VerifyVersionInfoA
VerSetConditionMask
WaitForSingleObjectEx
SetThreadAffinityMask
ExpandEnvironmentStringsA
GetModuleHandleA
SleepEx
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
WriteConsoleW
MultiByteToWideChar
GetStdHandle
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
QueryPerformanceCounter
GetSystemTimeAsFileTime
EnterCriticalSection
GetTickCount64
LoadLibraryA
CreateSemaphoreA
WaitForMultipleObjects
GetProcAddress
FreeLibrary
GetSystemDirectoryA
SetThreadContext
GetThreadContext
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
GetThreadPriority
GetCurrentThreadId
GetCurrentProcessId
CreateEventA
ReleaseSemaphore
ResetEvent
SetEvent
CloseHandle
WaitForSingleObject
FormatMessageA
SetLastError
GetLastError
DuplicateHandle

user32

GetUserObjectInformationW
MessageBoxW
ShowWindow
GetProcessWindowStation

ws2_32

getpeername
getsockname
ioctlsocket
getsockopt
ntohs
WSASetLastError
__WSAFDIsSet
getaddrinfo
freeaddrinfo
htons
htonl
gethostname
recvfrom
sendto
WSACleanup
WSAStartup
WSAIoctl
select
WSAGetLastError
ntohl
accept
bind
closesocket
listen
inet_addr
recv
send
socket
setsockopt
inet_ntoa
connect

advapi32

ReportEventW
DeregisterEventSource
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegisterEventSourceW

crypt32

CertFreeCertificateContext

wldap32

ord35
ord33
ord32
ord27
ord26
ord22
ord200
ord41
ord50
ord45
ord60
ord211
ord46
ord143
ord301
ord30
ord79

normaliz

IdnToAscii

vcruntime140

__C_specific_handler
memchr
wcsstr
strrchr
strstr
memcmp
memcpy
memset
longjmp
__intrinsic_setjmp
strchr
memmove

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
_read
fopen
fclose
__p__commode
_set_fmode
__stdio_common_vsprintf
fwrite
_open
fgetc
fgets
fputc
ftell
fseek
fread
__stdio_common_vswprintf
_close
_write
fflush
_isatty
_fileno
fputs
_setmode
_wfopen
feof
_lseeki64
ferror
__stdio_common_vfprintf
__stdio_common_vsscanf

api-ms-win-crt-string-l1-1-0

isalpha
strpbrk
isxdigit
_stricmp
_strnicmp
strncpy
_strdup
strncmp
strtok
tolower
strcmp
strspn
isspace
isdigit
isalnum
strncat_s
isupper
islower
isgraph
isprint
toupper

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_time64
_difftime64
_gmtime64
_localtime64_s
__daylight
__timezone
_tzset
_ftime64_s

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-convert-l1-1-0

atoi
atol
strtoul
strtol
strtod
_strtoi64
strtoll
atof

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe
_set_app_type
__sys_nerr
strerror
_initialize_narrow_environment
_get_initial_narrow_environment
_endthreadex
_initterm_e
exit
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_beginthreadex
raise
_getpid
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_exit
_initterm
_errno
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
calloc
malloc
realloc

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
localeconv

api-ms-win-crt-math-l1-1-0

__setusermatherr
_dclass

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_stat64
_splitpath_s
_access
_stat64i32

Sections

.text
Size: 1001KB - Virtual size: 1001KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctors
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dtors
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
README.txt
Run-Miner-Pool-CPU.bat
Run-Miner-Solo-CPU.bat

Sharing

General

Malware Config

Signatures

Files

26fcab88fe1f13a49918e57b6bb01f1c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

crypt32

wldap32

normaliz

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Sections

.text Size: 1001KB - Virtual size: 1001KB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 60KB - Virtual size: 90KB

.pdata Size: 24KB - Virtual size: 23KB

.ctors Size: 512B - Virtual size: 8B

.dtors Size: 512B - Virtual size: 8B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 1001KB - Virtual size: 1001KB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 60KB - Virtual size: 90KB

.pdata
Size: 24KB - Virtual size: 23KB

.ctors
Size: 512B - Virtual size: 8B

.dtors
Size: 512B - Virtual size: 8B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 7KB - Virtual size: 7KB