xmrig | 647c80ba6352ef6b4d0e7b0d56989dd51fc4efec78c9876e1de05cbb824eb4bc

General

Target

647c80ba6352ef6b4d0e7b0d56989dd51fc4efec78c9876e1de05cbb824eb4bc
Size

3.0MB
MD5

7cfa5ea48c8c1b01818d0c1eb0ce711e
SHA1

893bdaf782e96e9b41480a238d5ddae8aefc37f1
SHA256

647c80ba6352ef6b4d0e7b0d56989dd51fc4efec78c9876e1de05cbb824eb4bc
SHA512

7f025dcd13d759b4e790ef48520050fd0313a51a4e18ed6ccb32223502d2d301e951ba5c1a5141d516bf1d73e7adeb3c405cbb462b500406d04356a9e22b6d30
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkivwSbaMYPcyO8t:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2RY

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
647c80ba6352ef6b4d0e7b0d56989dd51fc4efec78c9876e1de05cbb824eb4bc