General

  • Target

    0e7b0c247771970afdc14047e0b98e66196dba35b9c1748f11f9e2a51d1decf2

  • Size

    2.6MB

  • MD5

    64f5f4d8c59b2578772de2c52a6a42b8

  • SHA1

    4c63934a67c072841c2bbfdfb5661488e035c271

  • SHA256

    0e7b0c247771970afdc14047e0b98e66196dba35b9c1748f11f9e2a51d1decf2

  • SHA512

    607a493461f15d338971ca94f77956b09255372ae4cb25f6bb702c3d458b4185206b6be0105b29604fe5628d30d50fe056b86833b312153f250b38119544820b

  • SSDEEP

    49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0I6Gz3N1f:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R9

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist (1 IoC)
  • UPX dump on OEP (original entry point) (1 IoC)
  • XMRig Miner payload (1 IoC)
  • Xmrig family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0e7b0c247771970afdc14047e0b98e66196dba35b9c1748f11f9e2a51d1decf2
    .exe windows:6 windows x64 arch:x64

