General

  • Target

    21491dd1fd1733cce71be750b044246b5a444e6045249a810f27c93d093ac6a3

  • Size

    1.6MB

  • MD5

    f0f5721a0e8f59ba3b6079dcc985dc33

  • SHA1

    0b9d084b494efbb2842462ad476c037c9429a148

  • SHA256

    21491dd1fd1733cce71be750b044246b5a444e6045249a810f27c93d093ac6a3

  • SHA512

    629dd5a9713710c467f0dce21483563aad01348eb541ccc1500caee5cf4a5dc3615afaa1903f72db2d6a35283c5027ccc7d7cde231ed795d3386581e6e66f212

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkFfkeMlN675EgEPgsU5qTqOkDilK3uPrDqEALA:Lz071uv4BPMkFfdg6NsOaP

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.
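The three static signatures above (UPX section names or "UPX!" marker, a missing Authenticode certificate table, a raw gist URL in the image) are cheap to reproduce locally before handing a file to a sandbox. The following is an added example written for this page, not code from the sandbox that produced the report or from the XMRig project. The two PE images it inspects are constructed inside the script (a minimal PE32+ header with hand-written section tables and a hypothetical gist URL) rather than the sample listed under General; the function names build_pe, parse_pe, triage and digests are the example's own. digests() is the same check a practitioner runs first, confirming that the file on disk matches the MD5/SHA1/SHA256 listed above before any analysis.

```python
import hashlib
import re
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # Authenticode certificate table
# Raw gist contents are served from this host; other github.com URLs do not match.
GIST_RAW_RE = re.compile(rb"https?://gist\.githubusercontent\.com/[\w./-]+")


def digests(data):
    """The hashes a sandbox report lists for a sample, in the same order."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def build_pe(section_names, signed=False, payload=b""):
    """Construct a minimal PE32+ image for testing: DOS header, PE signature,
    COFF header, optional header with 16 data directories, section table,
    then an opaque payload. Not loadable, just enough for header parsing."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 240                          # PE32+ optional header size
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_names), 0, 0, 0,
                       opt_size, 0x22)      # AMD64; EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE
    opt = struct.pack("<H", 0x20B) + b"\x00" * 110   # PE32+ magic, zeroed fields
    dirs = [(0, 0)] * 16
    if signed:
        # Hypothetical certificate table at file offset 0x1000, 0x200 bytes long.
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x1000, 0x200)
    opt += b"".join(struct.pack("<II", va, size) for va, size in dirs)
    table = b"".join(n.encode().ljust(8, b"\x00") + b"\x00" * 32
                     for n in section_names)
    return dos + b"PE\x00\x00" + coff + opt + table + payload


def parse_pe(data):
    """Return machine type, section names and the security data directory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff_off)
    opt_off = coff_off + 20
    magic = struct.unpack_from("<H", data, opt_off)[0]
    # Data directories start at offset 112 for PE32+ (0x20B) and 96 for PE32 (0x10B).
    dir_off = opt_off + (112 if magic == 0x20B else 96)
    sec_dir = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    table = opt_off + opt_size
    names = [data[table + 40 * i:table + 40 * i + 8].rstrip(b"\x00").decode("latin-1")
             for i in range(nsec)]
    return {"machine": machine, "sections": names, "security_dir": sec_dir}


def triage(data):
    """Reproduce the three static signatures from the report."""
    pe = parse_pe(data)
    findings = []
    # Stock UPX names its sections UPX0/UPX1; a modified UPX may rename them,
    # so also look for the "UPX!" marker the packer writes into the image.
    if any(n.startswith("UPX") for n in pe["sections"]) or b"UPX!" in data:
        findings.append("UPX packed file")
    # The security directory points at the Authenticode certificate table;
    # an all-zero entry means the file carries no signature at all.
    if pe["security_dir"] == (0, 0):
        findings.append("Unsigned PE")
    if GIST_RAW_RE.search(data):
        findings.append("Github gist raw URL")
    return findings


# Constructed test images (not the sample from the report); the URL is made up.
PACKED_SAMPLE = build_pe(
    ["UPX0", "UPX1", ".rsrc"],
    payload=b"UPX!" + b"\x00" * 16
    + b"https://gist.githubusercontent.com/example-user/0123abcd/raw/config.json\x00")
CLEAN_SAMPLE = build_pe([".text", ".rdata", ".data"], signed=True)

if __name__ == "__main__":
    for label, image in (("packed", PACKED_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(label, digests(image)["sha256"][:16], triage(image))
```

Two caveats a practitioner should keep in mind. The security directory check only establishes whether a certificate table is present; a present table can still hold a broken, self-signed or revoked signature, so a real verdict needs signtool verify or Get-AuthenticodeSignature on Windows, or osslsigncode elsewhere. And the XMRig strings and the gist URL in a UPX-packed binary are typically only visible after unpacking, which is why the report lists out.upx, the dump taken at the original entry point, as a second file alongside the packed sample.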

Files

  • 21491dd1fd1733cce71be750b044246b5a444e6045249a810f27c93d093ac6a3
    .exe windows:6 windows x64 arch:x64
  • out.upx
    .exe windows:6 windows x64 arch:x64