General

  • Target

    aef74033d259df049593377b8be21ed1ee88e2425881526c003df97557dcf0a0

  • Size

    2.8MB

  • MD5

    04f49b1fdb3e7ba99a6621ddbfd19dfe

  • SHA1

    3f8bda769791a60b57c80adfa79663842011041b

  • SHA256

    aef74033d259df049593377b8be21ed1ee88e2425881526c003df97557dcf0a0

  • SHA512

    f36ad7b5542e9c3a400cc183f2befb2f74083c6275565f0d8d13425da26e725b5ed3f97c0ccca769d46a5ecc80678388a4871cb0d43231b57bcf9ed161b26ef7

  • SSDEEP

    49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0IlnASEx/Ri0:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Ri

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • aef74033d259df049593377b8be21ed1ee88e2425881526c003df97557dcf0a0
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections