xmrig | b0b68663ee43bce1e37aac27742bdf10fc01fe2bb5e64c06982c45440128556a

General

Target

b0b68663ee43bce1e37aac27742bdf10fc01fe2bb5e64c06982c45440128556a
Size

2.9MB
MD5

4e500a466260a80d3ab21e5f1439bda4
SHA1

13fe28473f351c0e60e24e316ba5ff486791f048
SHA256

b0b68663ee43bce1e37aac27742bdf10fc01fe2bb5e64c06982c45440128556a
SHA512

f85da35df41f3322bc56797cecb2886c67252a30b07fcd406e3e48bce2f8f33b4e27ceac9f929aaf10a683de8e45d80230749a999c9d4bf65ef129c341c26eb8
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0IlnASEx/RkG:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2Ri

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0b68663ee43bce1e37aac27742bdf10fc01fe2bb5e64c06982c45440128556a