xmrig | dd31abca31234046c712ce8296e68c565f21b0839e77935568f5c6fe3cf19065

General

Target

dd31abca31234046c712ce8296e68c565f21b0839e77935568f5c6fe3cf19065
Size

3.0MB
MD5

5338e0abffa22316918759ed605ee511
SHA1

15ab0e3c43531198f37237955824312e17ce20ae
SHA256

dd31abca31234046c712ce8296e68c565f21b0839e77935568f5c6fe3cf19065
SHA512

d5c3aa1f2a0c2d0a1ffdd5ec1708f0c67346f497510f265ef45dc517276289ea07dc33b91a04faee40e0ba57b7a3eb2170d25d9f56ee7295ff5849c32eb1e39c
SSDEEP

98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWB:7bBeSFkV

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd31abca31234046c712ce8296e68c565f21b0839e77935568f5c6fe3cf19065