General

  • Target

    9fc81e2e1c3efc26d05ce2f6d9e35e63cd64820f326b9574c40fa4f9190e16eb

  • Size

    2.3MB

  • MD5

    d2da227317f46999f6b50bed5a35f6da

  • SHA1

    cede5986494077bf4e2960aba8c8fbb9faa34315

  • SHA256

    9fc81e2e1c3efc26d05ce2f6d9e35e63cd64820f326b9574c40fa4f9190e16eb

  • SHA512

    63b95cb27f8be600d2018774e46ee510a847d41f52ab53b2bf86a23dff75bcc4e7e1ee3d535f9dd75d5d4f6b54abe8550a2bf5c3fa56c303c53a7f51a972b82d

  • SSDEEP

    49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkyW10/w16lI3:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rw

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 9fc81e2e1c3efc26d05ce2f6d9e35e63cd64820f326b9574c40fa4f9190e16eb
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections