xmrig | 1a11568aac5f4a3f9f661856b8a772630035a2b6f9cd0fd827b5ac85b230598b

General

Target

1a11568aac5f4a3f9f661856b8a772630035a2b6f9cd0fd827b5ac85b230598b
Size

3.0MB
MD5

0423c7940d1647c46bd36d914808e018
SHA1

1348d477c1470877da3d037cff5ed94bcee9b971
SHA256

1a11568aac5f4a3f9f661856b8a772630035a2b6f9cd0fd827b5ac85b230598b
SHA512

eee5f63c6d08be6b4d806095c18d2df74abf0a4fe9a61de3e6b30eaf706f518c21ec50aad7ef7d55ba542135df201c620dd910abf2f75b71e314a5580ac6b1d3
SSDEEP

98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWE:7bBeSFk4

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a11568aac5f4a3f9f661856b8a772630035a2b6f9cd0fd827b5ac85b230598b