General
-
Target
HEUR-Trojan.Win32.Miner.pef-cce9b71ef38fea2ef94bcd5edc89f7596f8119afcecce992d72386fd11b50106
-
Size
2.5MB
-
MD5
880fbe3161ca6b948f78f3127bdbe0b1
-
SHA1
f8cab8d90af153f6fd91fd78bf90d9136c704709
-
SHA256
cce9b71ef38fea2ef94bcd5edc89f7596f8119afcecce992d72386fd11b50106
-
SHA512
5f105b2f78b11c0333fd40fcba932ba8acd8f930e775a110e8cf6d1a56e3ad6f59212aee3cc944b16ee4af443a41ae6d206446ef6f996fb49db085a5ea75cdb6
-
SSDEEP
49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkyWvW/XfDOyO:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R0
Score
10/10
Malware Config
Signatures
-
Detects executables containing URLs to raw contents of a Github gist 1 IoCs
-
UPX dump on OEP (original entry point) 1 IoCs
-
XMRig Miner payload 1 IoCs
-
Xmrig family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
HEUR-Trojan.Win32.Miner.pef-cce9b71ef38fea2ef94bcd5edc89f7596f8119afcecce992d72386fd11b50106
Headers
Sections