xmrig | b5c408db497ec06a0e7df7ac6660cb7aaa67477bb3adacaa39f1b6833646679f

General

Target

b5c408db497ec06a0e7df7ac6660cb7aaa67477bb3adacaa39f1b6833646679f
Size

2.5MB
MD5

21f13fdd8610f205a7bda12ec556c344
SHA1

4b01114e384c971d0eea7f5c1a1269a621feab16
SHA256

b5c408db497ec06a0e7df7ac6660cb7aaa67477bb3adacaa39f1b6833646679f
SHA512

25caca8ffbc1b2bc0f8718f73ef747061f2e60fd4a0861ece6c2fa4de83f9f08e331173baf51975a2524beb6338cc5512be2c05a2d420cab9dddee08473b771c
SSDEEP

49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkibTIA5sf6r+W4q:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Rn

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5c408db497ec06a0e7df7ac6660cb7aaa67477bb3adacaa39f1b6833646679f