xmrig | HEUR-Trojan[.]Win32[.]Miner[.]pef-5f8e96ee97e3371262386b5bb898157aa03ee753d0a92345e17a297c16c34558

General

Target

HEUR-Trojan.Win32.Miner.pef-5f8e96ee97e3371262386b5bb898157aa03ee753d0a92345e17a297c16c34558
Size

2.9MB
MD5

c0e1692bedab722481983410162395e6
SHA1

4ba1fcfbee29d68de9a83072d28339ea588fdc44
SHA256

5f8e96ee97e3371262386b5bb898157aa03ee753d0a92345e17a297c16c34558
SHA512

66c3b8be43e1dd35c17a6f1d63cd4dd26ce233c088a96da906de5b83181a2544c582a652aa83dc7ddc228750613a42dee0ee3e96e0359497e8b857e108b57cab
SSDEEP

49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcq4QXDT6hXi8:N0GnJMOWPClFdx6e0EALKWVTffZiPAcR

Score

10^/10

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Miner.pef-5f8e96ee97e3371262386b5bb898157aa03ee753d0a92345e17a297c16c34558