General

  • Target

    fb7ad8dc4d1c2be2049a1884d0c61f7430d6c0fb03085e843ef0369235ed05f8

  • Size

    2.9MB

  • MD5

    513084e478085d829a3e70f70d8c3ad0

  • SHA1

    fee56281cc8db2a2a3ea3fcd2b771d62f5b5b58d

  • SHA256

    fb7ad8dc4d1c2be2049a1884d0c61f7430d6c0fb03085e843ef0369235ed05f8

  • SHA512

    20876dae24ad40e2ab870af313c53c1ab66c375be88021ce1c2ea41af24e95ec4dc13556446ddb11b95294b0b7e35301840c00bf480737cf3be4d9a1945b172e

  • SSDEEP

    49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkFfdg6NsNtJViB:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rm

Score
10/10

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fb7ad8dc4d1c2be2049a1884d0c61f7430d6c0fb03085e843ef0369235ed05f8
    .exe windows:6 windows x64 arch:x64
