xmrig | 9ec6e2b5b183f454415c0ed222fe9537760e615fa9ee5e95fb098157a8d15637

General

Target

9ec6e2b5b183f454415c0ed222fe9537760e615fa9ee5e95fb098157a8d15637
Size

2.6MB
MD5

9dd3f236f36d397f0f80004952e1791d
SHA1

63b8dc2958ea5387b67a38f19be91c055832fe42
SHA256

9ec6e2b5b183f454415c0ed222fe9537760e615fa9ee5e95fb098157a8d15637
SHA512

ceb07c0558f383702f4f0048e7f01572f3e31b1a69029b36f03dd440ff0d90d597c991724fa9c54bfe8556293f667577393df81b81337a0d5a7b4376cb417a54
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hjGhql0lQO:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2RR

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ec6e2b5b183f454415c0ed222fe9537760e615fa9ee5e95fb098157a8d15637