xmrig | 33c00bc0782e28e0a2dd2b7a291a9d0cd5a7d3f0d03c58905dc7f3f6fff5b0ac

General

Target

33c00bc0782e28e0a2dd2b7a291a9d0cd5a7d3f0d03c58905dc7f3f6fff5b0ac
Size

3.0MB
MD5

a46112b8b0aef2c50e881cf235f6fe54
SHA1

4b4020e464de7fdc2d9013bfbdeab9f12463c96a
SHA256

33c00bc0782e28e0a2dd2b7a291a9d0cd5a7d3f0d03c58905dc7f3f6fff5b0ac
SHA512

5c8ed8e15a512d7119daabd787915b894b3b68b37acd317332f7007503e0294950d0a5c444cdf4099a3c50be4860ae805f441b69771309180f1464386089dda0
SSDEEP

49152:S1G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkFfdg6NsNtJVlRD:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2Rt

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33c00bc0782e28e0a2dd2b7a291a9d0cd5a7d3f0d03c58905dc7f3f6fff5b0ac