xmrig | 9d81b29d46d2db7259ec3770c29d5c50_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d81b29d46d2db7259ec3770c29d5c50_NeikiAnalytics
Size

1.6MB
MD5

9d81b29d46d2db7259ec3770c29d5c50
SHA1

9a88c9fa5d22ad66b116e29a5d1dc9fa8ed787c2
SHA256

86fd3490793a464182a87523c5bda014427ff02b1c93cb05e93c92495b40ab9e
SHA512

b1523ddec4a57cdf95cf5b07b07af5eaa4925379a28191b60782695fdfa72c5819df0d2f5f4c328875120c179a7d28469807e431ed077d766621057b3424d46e
SSDEEP

49152:GezaTF8FcNkNdfE0pZ9oztFwIRxj4cT3TL:GemTLkNdfE0pZaF

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d81b29d46d2db7259ec3770c29d5c50_NeikiAnalytics

Files

9d81b29d46d2db7259ec3770c29d5c50_NeikiAnalytics
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ