xmrig | af218df2a0fc282a8b8a67e94c92b76561dbc7af4b126d4cb60ebc4b3dd10fe6

General

Target

af218df2a0fc282a8b8a67e94c92b76561dbc7af4b126d4cb60ebc4b3dd10fe6
Size

3.2MB
MD5

3ba3acfcbbb67e158b463c0681ff47ba
SHA1

d83ecc4b5504c36f7f116b5accefd532b9893e43
SHA256

af218df2a0fc282a8b8a67e94c92b76561dbc7af4b126d4cb60ebc4b3dd10fe6
SHA512

20f448f5cb37226e7d68cd0fb8f2fea4d4c31642fb1cfa330f1fb9c2c898aa33df5e722ff7239a5fd1f6f657b58f713661aa20e2cf154920a25c9c07879c9296
SSDEEP

98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWF:SbBeSFkJ

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af218df2a0fc282a8b8a67e94c92b76561dbc7af4b126d4cb60ebc4b3dd10fe6