xmrig | ad7cff8762fff07692aa138f1d1c3fdb5a6366509ea5cefe236c892b962a989f

General

Target

ad7cff8762fff07692aa138f1d1c3fdb5a6366509ea5cefe236c892b962a989f
Size

2.9MB
MD5

a1aeadb93100e35e1d339357a0906b64
SHA1

2b6e5a7f28ba51224c2d05be58355123dbf15da9
SHA256

ad7cff8762fff07692aa138f1d1c3fdb5a6366509ea5cefe236c892b962a989f
SHA512

8bc9ccc61f0f85a6105a222feba18ba6637cbb8ba881f9cb386a43d4e4cf5ab3984ac9f24e6e83240b3604d89ea9830efcb43a99748402074b5ab572f3e739cd
SSDEEP

49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0IlnASEx/mlp:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Rh

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad7cff8762fff07692aa138f1d1c3fdb5a6366509ea5cefe236c892b962a989f