General

  • Target

    b3247d18021d789a9bbe190140a1374de78e02b4e43bbb5c58b8e9897ac2d2b9

  • Size

    1.8MB

  • MD5

    7b16aa1b96812f72b73b8d5548080547

  • SHA1

    5a6752a08e0cc98935804ffcb0400c327d61daf0

  • SHA256

    b3247d18021d789a9bbe190140a1374de78e02b4e43bbb5c58b8e9897ac2d2b9

  • SHA512

    bd182c06aca3da7149b14525f7d1c94c633cc2e2b6bcdf0927b3053cd3251c4964cf3c04334b0f1c15b78d4f8f494d72fde921c7d40a9ef25c77a784daa4f03d

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWY1s38kQu12bPxvyuzaBgJ9pcFts:Lz071uv4BPMkibTIA5I4TNrpDGgDQ9vS

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.
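The three static signatures above (UPX section names, a missing Authenticode signature, and an embedded URL to raw Github gist content) can each be reproduced with a few dozen lines of header parsing and byte scanning. The script below is an added example for this page, not the sandbox's own rules and not code from the sample; it builds a constructed toy PE32+ image in memory (so nothing here touches the real binary) and runs the same checks over it. `build_toy_pe`, `parse_pe`, `triage` and `hashes` are hypothetical names, and the `xmrig` / `stratum+tcp://` string check is a simple heuristic assumption standing in for the sandbox's XMRig payload rule. Note the caveat on the signature check: an empty security data directory only proves there is no embedded Authenticode blob; catalog-signed files also show as empty.

```python
import hashlib
import re
import struct

# Section names that stock UPX (and most light modifications of it) leave behind.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".UPX0", ".UPX1"}
# Raw gist content URLs: https://gist.githubusercontent.com/<user>/<hex id>/raw/...
GIST_RAW_RE = re.compile(rb"https?://gist\.githubusercontent\.com/[A-Za-z0-9_.-]+/[0-9a-f]+/raw[^\s\"'<>]*")
# Heuristic assumption, not the sandbox's rule: strings commonly present in XMRig builds.
XMRIG_MARKERS = (b"xmrig", b"stratum+tcp://")
SECURITY_DIR_INDEX = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY (Authenticode WIN_CERTIFICATE)


def build_toy_pe(section_names, security_dir_size=0, body=b""):
    """Constructed minimal PE32+ image for demonstration; not a real executable."""
    opt_header_size = 240  # PE32+ optional header incl. 16 data directories
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_names), 0, 0, 0, opt_header_size, 0x22)
    # Magic 0x20B (PE32+), zero-filled fields, NumberOfRvaAndSizes at offset 108
    opt = struct.pack("<H", 0x20B) + b"\x00" * (108 - 2) + struct.pack("<I", 16)
    for i in range(16):
        if i == SECURITY_DIR_INDEX and security_dir_size:
            opt += struct.pack("<II", 0x1000, security_dir_size)  # pretend signature present
        else:
            opt += struct.pack("<II", 0, 0)
    sections = b"".join(n.encode().ljust(8, b"\x00") + b"\x00" * 32 for n in section_names)
    return dos + b"PE\x00\x00" + coff + opt + sections + body


def parse_pe(data):
    """Return machine, PE32/PE32+ flag, section names and the security data directory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    pe32plus = magic == 0x20B
    dir_off = opt + (112 if pe32plus else 96)  # data directories start here
    sec_va, sec_size = struct.unpack_from("<II", data, dir_off + SECURITY_DIR_INDEX * 8)
    sec_tbl = opt + opt_size
    names = [data[sec_tbl + 40 * i:sec_tbl + 40 * i + 8].rstrip(b"\x00").decode("ascii", "replace")
             for i in range(nsec)]
    return {"machine": machine, "pe32plus": pe32plus, "sections": names,
            "security_dir": (sec_va, sec_size)}


def triage(data):
    """Apply the page's static signatures; returns (parsed header info, list of hits)."""
    info = parse_pe(data)
    findings = []
    if any(n in UPX_SECTION_NAMES for n in info["sections"]):
        findings.append("UPX packed file")
    if info["security_dir"] == (0, 0):
        findings.append("Unsigned PE")  # no embedded Authenticode; catalog signing not checked
    if GIST_RAW_RE.search(data):
        findings.append("URL to raw Github gist content")
    if any(m in data.lower() for m in XMRIG_MARKERS):
        findings.append("XMRig string heuristic")
    return info, findings


def hashes(data):
    """The same digest set the report lists, computed with the standard library."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


if __name__ == "__main__":
    # Constructed sample: UPX-style sections, no signature, gist URL and a pool string inside.
    sample = build_toy_pe(["UPX0", "UPX1", ".rsrc"],
                          body=b"\x00https://gist.githubusercontent.com/user/0123abcd/raw/cfg.json\x00"
                               b"stratum+tcp://pool.example:3333\x00")
    info, hits = triage(sample)
    print(info["sections"], hits)
    print(hashes(sample)["sha256"])
```

Run it against a real file with `triage(open(path, "rb").read())`; the hashes function gives the MD5/SHA1/SHA256/SHA512 set shown under General so a downloaded sample can be matched against the report before any further handling.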

Files

  • b3247d18021d789a9bbe190140a1374de78e02b4e43bbb5c58b8e9897ac2d2b9
    .exe windows:6 windows x64 arch:x64


  • out.upx
    .exe windows:6 windows x64 arch:x64
