General

  • Target

    d3a51cf88e2afb369f08c55acb30401cabba036d6e4f58124f993bdf841b4ec6

  • Size

    2.5MB

  • MD5

    e5bf76e45c74861608bcc555a54d3170

  • SHA1

    36642d27becb8c6544752e988e656377bd2a7ed4

  • SHA256

    d3a51cf88e2afb369f08c55acb30401cabba036d6e4f58124f993bdf841b4ec6

  • SHA512

    d930e08dc1dfd862560adbdd5bfdee650f50e7a5024d08187461f0c398ca122bd0b96b03fcecaa780b6dcd615d3caf7a4de7d703a5540804e8f6ccb605953a86

  • SSDEEP

    49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMki8CnfLv4:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R8

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d3a51cf88e2afb369f08c55acb30401cabba036d6e4f58124f993bdf841b4ec6
    .exe windows:6 windows x64 arch:x64
    Headers

    Sections