xmrig | 9085f83b074aef3b1f060c473c37ec10_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9085f83b074aef3b1f060c473c37ec10_NeikiAnalytics
Size

2.4MB
MD5

9085f83b074aef3b1f060c473c37ec10
SHA1

bb466ec762269cae3fd5ed71156a59f500ca3ec9
SHA256

4cd06680da52b28ef72e67c3e0027471bcc5728f672b8c92ace95be61d780b2e
SHA512

f3796f9293a72b0a97320c7ee3696d5b3058eeecb6476d97e332dd5dc868259d91f7e97319a291ce0cf27e50c159ff488a9faf40a0e4d1c7b2d208d045b695c9
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+AaWnTH30phvU:BemTLkNdfE0pZrM

Score

10^/10

miner upx xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9085f83b074aef3b1f060c473c37ec10_NeikiAnalytics

Files

9085f83b074aef3b1f060c473c37ec10_NeikiAnalytics
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 724KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE