General

  • Target

    a4c29c4b86c73d7e2f94daf2696d947257188773a7aee257c8ae570b19d931a9

  • Size

    2.8MB

  • MD5

    ddb5846523a279132eabb21fc642b790

  • SHA1

    9c0753512ccae7056b4d07102c67505cfdf6856f

  • SHA256

    a4c29c4b86c73d7e2f94daf2696d947257188773a7aee257c8ae570b19d931a9

  • SHA512

    6d198d8b225c4312bf291ac8cc91dff12807fb229f521974e38e44fb091a66e8860caa1943420a3c4e1e428515972d569d4970cd6fb90ba274ad3139bb3bc632

  • SSDEEP

    49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkibTIA5CJK:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rj

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a4c29c4b86c73d7e2f94daf2696d947257188773a7aee257c8ae570b19d931a9
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections