xmrig | 1398e78d0c8776c4c5e0f2412e52df137c3a0a9fb71c5f6de01fe0143aa59243

General

Target

1398e78d0c8776c4c5e0f2412e52df137c3a0a9fb71c5f6de01fe0143aa59243
Size

2.9MB
MD5

7fcaea127a678983eb65476a01426233
SHA1

592a7e055ef66e20bc61a627a7940e514ac90c51
SHA256

1398e78d0c8776c4c5e0f2412e52df137c3a0a9fb71c5f6de01fe0143aa59243
SHA512

b5c4adce5e824c0571d150b6b11dea1f55c1b01b80306a1d601e8d3facaed71df6d9515714b2779e2ad437909420d2138de620975d846321763cb41f691ccbc4
SSDEEP

49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMki8CnfLv3zQXtT3:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Ry

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1398e78d0c8776c4c5e0f2412e52df137c3a0a9fb71c5f6de01fe0143aa59243