xmrig | HEUR-Trojan[.]Win32[.]Miner[.]pef-7adf2148744a2279b0cfeb1b982ba127beb354bbad6de38c2ea06d5b51b306a8

General

Target

HEUR-Trojan.Win32.Miner.pef-7adf2148744a2279b0cfeb1b982ba127beb354bbad6de38c2ea06d5b51b306a8
Size

2.9MB
MD5

61b089022b94c6f869d2c7b39b0792eb
SHA1

7ded74f823ca8b3173619ac76b97a69c7a9cc10a
SHA256

7adf2148744a2279b0cfeb1b982ba127beb354bbad6de38c2ea06d5b51b306a8
SHA512

a1aea0e768fd8b1b14f3e3aba5754fc271c3b38ab1128adde102e2e12b0d050a7adfd55d8550e29f10daa872060943f047ccac6fe925fe5c97fc7473feecbe6f
SSDEEP

49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUSuAQSzCTCwBil:N0GnJMOWPClFdx6e0EALKWVTffZiPAcX

Score

10^/10

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Miner.pef-7adf2148744a2279b0cfeb1b982ba127beb354bbad6de38c2ea06d5b51b306a8