General

  • Target

    a034fefb3c57d44081305c75caa0c0f4c09f1a225a3e473f3a472a8c78b41684

  • Size

    1.9MB

  • MD5

    7dcfc5d82223c9e6895a27fb6de422f1

  • SHA1

    870fc5e15a197d2157634948817b8a2da15f3aef

  • SHA256

    a034fefb3c57d44081305c75caa0c0f4c09f1a225a3e473f3a472a8c78b41684

  • SHA512

    cefc525c6f9fb801d4f5eb3eefea6f4ddaf8de3264580d0c2e7c9f2685c879d264867fdfa19ab9cd7152888647b7ae4bc919f849bd94823541acbdcbc71928bd

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWY1s38kQu12bPxvyuzaBgJ9pcFtF:Lz071uv4BPMkibTIA5I4TNrpDGfFQafF

Score
10/10

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • a034fefb3c57d44081305c75caa0c0f4c09f1a225a3e473f3a472a8c78b41684
    .exe windows:6 windows x64 arch:x64

  • out.upx
    .exe windows:6 windows x64 arch:x64