General

  • Target

    b993df3af24126a3918e24085f547a5a4ce6abfdac3d314283fc34bd05e1d293

  • Size

    3.0MB

  • MD5

    51552c937c615f16aacb84089a19d46a

  • SHA1

    af37e9d8f917be4b743419b1323b3548cff870aa

  • SHA256

    b993df3af24126a3918e24085f547a5a4ce6abfdac3d314283fc34bd05e1d293

  • SHA512

    41098d4d5218c1f75518a877e3e54e572d643050dc1c9b11d1f2d13d8d2554d2ba9a0751f85ce7d7fc2e8f0ad21a1894fb00cb66247cf6307c4b20393d6845cb

  • SSDEEP

    49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hm6lgVJUwD+8feEt:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Rx

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b993df3af24126a3918e24085f547a5a4ce6abfdac3d314283fc34bd05e1d293
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections