xmrig | a9d6cc5f362a84dbb339c8fa934e24c56347bed2e403930c9c7e28db702abee5

General

Target

a9d6cc5f362a84dbb339c8fa934e24c56347bed2e403930c9c7e28db702abee5
Size

2.7MB
MD5

037b6f2fcdb1d1ca1327fdfbc523b032
SHA1

98462a05b4dd08ac2c4161872ac08b66adc733f9
SHA256

a9d6cc5f362a84dbb339c8fa934e24c56347bed2e403930c9c7e28db702abee5
SHA512

7b6d252b6e11371bee053b97d7b20f6d1ed81bc86e418e01fc078beca4a58629dac4c13e139de7a5a4e947c4cc990f64b9cd08ea28285dbb1485c7d25aa93bf1
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0I6Gz3N1pHvo:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R0

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9d6cc5f362a84dbb339c8fa934e24c56347bed2e403930c9c7e28db702abee5