xmrig | e5518479152b5aef5cf5c27c1e6e020a037465dd4bd2523a52fea8aa2e083563 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e5518479152b5aef5cf5c27c1e6e020a037465dd4bd2523a52fea8aa2e083563
Size

1.5MB
MD5

5d5e4ae6f8908beaa9b891433119f257
SHA1

c7368b9f12493a5d042ab3ef8622b53056ddaeb4
SHA256

e5518479152b5aef5cf5c27c1e6e020a037465dd4bd2523a52fea8aa2e083563
SHA512

9ef3db2b30aba3fb2e411846fc3230e333288729b703e7de63d70b8ce656b9b28395ea6818e8cf0ce64c87e44da1f86127eadfbda6b42de4667db6692a4ab2f7
SSDEEP

24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbBwlKenUT5J33PzVwUzQv4MjRToT:GezaTF8FcNkNdfE0pZ9oztFwIHT5JbV9

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5518479152b5aef5cf5c27c1e6e020a037465dd4bd2523a52fea8aa2e083563

Files

e5518479152b5aef5cf5c27c1e6e020a037465dd4bd2523a52fea8aa2e083563
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ