General
-
Target
HEUR-Trojan.Win32.Miner.pef-9e0cb54c00881beab2736eae88d18a38e6e4fcd0e441cfa93e73d98f26d1b15d
-
Size
2.5MB
-
MD5
74087ce029e20c3940e34427696bced2
-
SHA1
0b64e9de7316645a8f864e89809f9294d2d2ebf3
-
SHA256
9e0cb54c00881beab2736eae88d18a38e6e4fcd0e441cfa93e73d98f26d1b15d
-
SHA512
51f3d82b9e592d18996883fa55028af1eacdba652d261664aa55fbdceb4e57c3fd3b9f8c77fab1390600d01757927f1cd73f15b3102db6654f697200ba428b09
-
SSDEEP
49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMki8CnfL0yO:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R+
Score
10/10
Malware Config
Signatures
-
Detects executables containing URLs to raw contents of a Github gist 1 IoCs
-
UPX dump on OEP (original entry point) 1 IoCs
-
XMRig Miner payload 1 IoCs
-
Xmrig family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
HEUR-Trojan.Win32.Miner.pef-9e0cb54c00881beab2736eae88d18a38e6e4fcd0e441cfa93e73d98f26d1b15d
Headers
Sections