General

  • Target

    e61e8d8e73fc866911f36454680b876494265eac6a43a3ea498ad76b5f0f16a4

  • Size

    1.3MB

  • MD5

    376d9c2d9c8910c5a0a15ad464d79f70

  • SHA1

    94d6cd12edc3dc6f2eef5949706d79b88e8c4596

  • SHA256

    e61e8d8e73fc866911f36454680b876494265eac6a43a3ea498ad76b5f0f16a4

  • SHA512

    f684d49b595ebb53f2676b31b8a5329b837b334d9d6af42898b3ac99d6b5a70e16000ba1d613c008d5ff53bd7f42bdceb0d20e4c0f2326122d14d498bb1a7b4d

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupaXHeYusCJGbqe:Lz071uv4BPMki8CnfLDCkL

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • e61e8d8e73fc866911f36454680b876494265eac6a43a3ea498ad76b5f0f16a4
    .exe windows:6 windows x64 arch:x64

  • out.upx
    .exe windows:6 windows x64 arch:x64