miner[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

miner.exe
Size

29.8MB
MD5

6a1e8b3c2a727ee2fff4e1dc64af2684
SHA1

ffb07abd87c50e8674ceb0f92385059bab54f5c3
SHA256

db0c17260f13effed9bf8fc1acf43c14beedd4a8d3937ce256b6e3d60d21d31c
SHA512

68d429a0f1fd5b59b12b0720fb4bbb8a89a47a52480d626b738e56d3f927289b4229eeee48ec619b5046abfff9c44ae749588c56af220a487ccae13ec65b9a52
SSDEEP

786432:FLC6ru0luYUDTuLwkDcRwfNp+5e6iGTO5EtJ9m06:Fm6VkY+TuUuWHNTrm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
miner.exe

Files

miner.exe
.exe windows:4 windows x64 arch:x64

02549ff92b49cce693542fc9afb10102

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

malloc
memset
_get_pgmptr
getenv
sprintf
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit

kernel32

Sleep
CreateProcessA
SetUnhandledExceptionFilter

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29.7MB - Virtual size: 29.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ