xmrig | 5820c7c6819869fab47a0f5c2f5e77ab2103f0e6434faae97ee33cb8577f7c9d

General

Target

5820c7c6819869fab47a0f5c2f5e77ab2103f0e6434faae97ee33cb8577f7c9d
Size

2.8MB
MD5

2295f5f4d78cfb0c9ae1cbae2fc19b8d
SHA1

e1d2054bdc3e01c32388574a29280571f4e38e95
SHA256

5820c7c6819869fab47a0f5c2f5e77ab2103f0e6434faae97ee33cb8577f7c9d
SHA512

32bfa3cb4bb364ec7eacbcbba486d83f666f4ba8b0e60f54981279120b0e455db6ea72a47c524c4d60e3614ab09abee0185271a0cc7faa488047426d26456ae7
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkibTIA54lkbBoSA:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R2

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5820c7c6819869fab47a0f5c2f5e77ab2103f0e6434faae97ee33cb8577f7c9d