General

  • Target: 0ae79ae1b0c8c4ab130cde7131d642240f3ea08a35fc29175a903ff2ccb9e791
  • Size: 2.7MB
  • MD5: b0e757dbc835dbfc309388a31e2479c8
  • SHA1: 42c04891eaa9926e31c2c02c7fe9bda7861cb3b8
  • SHA256: 0ae79ae1b0c8c4ab130cde7131d642240f3ea08a35fc29175a903ff2ccb9e791
  • SHA512: f94566b133c8195f61f1d75239ea6f5fdc2b876e98ec8957b5fe8ed3786d76496a28b0c7e32e407a26ca3bd22c0f49b5ad9a81791c2458380bd17ae65e322ef7
  • SSDEEP: 49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkibTIA5VOl/ny4R:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Re

Score: 10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0ae79ae1b0c8c4ab130cde7131d642240f3ea08a35fc29175a903ff2ccb9e791
    .exe windows:6 windows x64 arch:x64

    Headers

    Sections