xmrig | 4da2b2956f3a6836fa631b4f9b4ee97c876cdf487ccf353a5784fb20107eadb6

General

Target

4da2b2956f3a6836fa631b4f9b4ee97c876cdf487ccf353a5784fb20107eadb6
Size

2.8MB
MD5

f806b3dd28d0bec5f804cbb570ff1383
SHA1

9df5de3fb08c046c9a7125cdfd61d54f4208914a
SHA256

4da2b2956f3a6836fa631b4f9b4ee97c876cdf487ccf353a5784fb20107eadb6
SHA512

d9fd65a8eac74b01f37a760f98e75db0b957e418cc0935eb7da438cd59063cafcce563ebac8d6171c7e9c7f7a0a4638d78ab004d0e2b4eb6f3a88bf5e4be6d62
SSDEEP

49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hjGhql0lQGQK5BKrS:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R3

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4da2b2956f3a6836fa631b4f9b4ee97c876cdf487ccf353a5784fb20107eadb6