xmrig | 7bd834895515c998717f49f909108260_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7bd834895515c998717f49f909108260_NeikiAnalytics
Size

1.8MB
MD5

7bd834895515c998717f49f909108260
SHA1

ab2416bee9da95f0ded16b0fa3791db47b10cbef
SHA256

72084bc0d859a3aee76eb744734be3d2eae024ea9d6281cfe21ee65b7b67cef8
SHA512

9903b9bacb67442d6efa9e37cd60fadb0a88ac0c8f2e489c8213d6c768d0827c804d2ee6e8d752115fb313634d1c6a41222edf4e6a9e7955b8ccdc06e9b27200
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wICbbnlD5Er:BemTLkNdfE0pZrF

Score

10^/10

miner upx xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bd834895515c998717f49f909108260_NeikiAnalytics

Files

7bd834895515c998717f49f909108260_NeikiAnalytics
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 724KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE