General

  • Target: bfca3985c0fda4c1c421c0d69b248318b0ab5c9fe1bc30b13e662a22fd8cc1fc
  • Size: 1.6MB
  • MD5: 476586aec07a250ac528d995a7dbd759
  • SHA1: 5f7b1eed3f3b625e35e8555bfad8e120aa3e308d
  • SHA256: bfca3985c0fda4c1c421c0d69b248318b0ab5c9fe1bc30b13e662a22fd8cc1fc
  • SHA512: 5fd46fd87bd34c35ad79c723716613d11ff44bcbcd8f09bdc48632928627b8803e515b45ee2c22d38598c78124d8cf1cfb638bb0d913ce64c552fd50f7297882
  • SSDEEP: 24576:RVIl/WDGCi7/qkatXBF6727f8UhNnXIhz24GtdR4a/f5kJDdz8cISQ4R2RX8NvdF:ROdWCCi7/rahUUvXjVTRdf5k5p8iKCo+

Score
10/10

Signatures

  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX or a modified build of the UPX open-source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • bfca3985c0fda4c1c421c0d69b248318b0ab5c9fe1bc30b13e662a22fd8cc1fc
    .exe windows:6 windows x64 arch:x64

  • out.upx
    .exe windows:6 windows x64 arch:x64