xmrig | e8b8129828fccb5ba8c2a655e981537e4e73cd3fadc33456c24d2f6fb2f2f4a6

General

Target

e8b8129828fccb5ba8c2a655e981537e4e73cd3fadc33456c24d2f6fb2f2f4a6
Size

2.7MB
MD5

e222f334c3d8f6e1d7c9f13251b002d0
SHA1

d1510b016c9b6cc63fb3d46edefcb9c5582bf114
SHA256

e8b8129828fccb5ba8c2a655e981537e4e73cd3fadc33456c24d2f6fb2f2f4a6
SHA512

c390c1570afe36bab1d3b74d5586c402affce45578296c411ddc1d4423b56cca9a3b7e8a56d80dadcee0c7f874ee6e16769dd07d095c70a0a457f0d8df11fbc3
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkibTIA5Jnsosq:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R7

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8b8129828fccb5ba8c2a655e981537e4e73cd3fadc33456c24d2f6fb2f2f4a6