General

  • Target

    1934f4d12fd547e1ab3c05d945e8ed1dcdf41142ec90fb5fbe1e7f898af016fa

  • Size

    2.4MB

  • MD5

    bb93c9bc1e8cecea33cc0bba5b9ced58

  • SHA1

    5ea05dc92f9d00c0711dec2e8b438e7405acda19

  • SHA256

    1934f4d12fd547e1ab3c05d945e8ed1dcdf41142ec90fb5fbe1e7f898af016fa

  • SHA512

    6bfdbbc42537c1f0378a7fd382a79b749f2afdb5b6449cf1658886676670cc575478743ec0da570f81d21f91f860722b99e54f36f2752e2236cbb3393bfc8d3f

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vr5s1PTleLUbq+XL:NAB9

Score
10/10

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 1934f4d12fd547e1ab3c05d945e8ed1dcdf41142ec90fb5fbe1e7f898af016fa
    .exe windows:6 windows x64 arch:x64
  • out.upx
    .exe windows:6 windows x64 arch:x64