xmrig | HEUR-Trojan[.]Win32[.]Miner[.]pef-38e6e3efa595835626c3055b800d6512061099784cfd29d6427e556b004bf940

General

Target

HEUR-Trojan.Win32.Miner.pef-38e6e3efa595835626c3055b800d6512061099784cfd29d6427e556b004bf940
Size

3.0MB
MD5

296167a9e050f5b25f4d9e7250785bce
SHA1

59a2bba87aa445af1e34fce1da8c698312ba389f
SHA256

38e6e3efa595835626c3055b800d6512061099784cfd29d6427e556b004bf940
SHA512

6e90d19b9def5cf07ffacac909d3b9f21cdb81a4f4489d6ac6904f390a7e5cd5480a418bddb40fb696474176519dcf2ddafbe32f5e2380985d552aa1d24ffd7d
SSDEEP

49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcq4QXDT6hXi3:N0GnJMOWPClFdx6e0EALKWVTffZiPAcg

Score

10^/10

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Miner.pef-38e6e3efa595835626c3055b800d6512061099784cfd29d6427e556b004bf940