xmrig | f94f22dd1b75dd0dbe2efcd818d6c4920a500823bb1ed22d524b51e9f93fc96a

General

Target

f94f22dd1b75dd0dbe2efcd818d6c4920a500823bb1ed22d524b51e9f93fc96a
Size

2.7MB
MD5

ea4999743eb157a7efb2999149eb2b09
SHA1

d0416d38e9cfa0c505368ffced9e3f010faced2e
SHA256

f94f22dd1b75dd0dbe2efcd818d6c4920a500823bb1ed22d524b51e9f93fc96a
SHA512

f09f1b918305215d1a7c8542947e799d0b137e87ada62cac01a2b8fdbe2655aa03fd10810442942582853434cf9efb93d8df95897c2b5c28cb5b2678e83e3d3e
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0IlnASEx/Riw:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R+

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f94f22dd1b75dd0dbe2efcd818d6c4920a500823bb1ed22d524b51e9f93fc96a