xmrig | 0ec74dfbb60862af9a750ed15692f9f228735631af0fb0e4945512b785c162e7

General

Target

0ec74dfbb60862af9a750ed15692f9f228735631af0fb0e4945512b785c162e7
Size

3.0MB
MD5

13edbff8d46627cf6281cb256696caad
SHA1

d9d617bbb96f58b104d2bbe64278a8b19783429f
SHA256

0ec74dfbb60862af9a750ed15692f9f228735631af0fb0e4945512b785c162e7
SHA512

b812e3047996d0f03a156aed1642e91daa68ee90fa36cd3b091b077cfa3dfdbbff2b27a5e9abdbd64e3d1e17301d99202f6863be7ae83b6bdc4d16be589c99f0
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkibTIA5CJza7Gt:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2Ra

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ec74dfbb60862af9a750ed15692f9f228735631af0fb0e4945512b785c162e7