xmrig | HEUR-Trojan[.]Win32[.]Miner[.]pef-a3533018bbf2836dfabc96e730c151ac139f5a7205e801424480c7e9f9215d94

General

Target

HEUR-Trojan.Win32.Miner.pef-a3533018bbf2836dfabc96e730c151ac139f5a7205e801424480c7e9f9215d94
Size

2.9MB
MD5

6f2e98384a0c2ff08904b5c8c417ae63
SHA1

1df4dd4ab9134f49f1268a99351679a125e289ac
SHA256

a3533018bbf2836dfabc96e730c151ac139f5a7205e801424480c7e9f9215d94
SHA512

3103f2683b91032c01b17c816baa10ad6135a6a0f2ee73ded2fe100ae3b8217181fb01c865c62ac907d2adacc86b740893424a39ed29971ab6331f9c91346ce0
SSDEEP

49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUSuAQSzCTCwBiF:N0GnJMOWPClFdx6e0EALKWVTffZiPAcf

Score

10^/10

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Miner.pef-a3533018bbf2836dfabc96e730c151ac139f5a7205e801424480c7e9f9215d94