General

  • Target

    be1642f2523ff7043e9cb23e3b1aa7928c6ac13389aa61b046b0c40c1e36278f

  • Size

    3.3MB

  • MD5

    3ab92ab718c066aec59608e8eb401b2e

  • SHA1

    eb1c18990d175dbe439938408e04af78347f80da

  • SHA256

    be1642f2523ff7043e9cb23e3b1aa7928c6ac13389aa61b046b0c40c1e36278f

  • SHA512

    d88cc09e23203134f82af722cbbcaee6acb127f0550bc36d74ccbdb462a8bd43cb616b4d517d9d25c6beb70f9b94a05e51c0f2280ec2ccb06fe69e952f0c5942

  • SSDEEP

    98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW3:7bBeSFkb

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist (1 IoC)
  • UPX dump on OEP (original entry point) (1 IoC)
  • XMRig Miner payload (1 IoC)
  • Xmrig family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
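The three static signatures above (UPX packing, missing Authenticode signature, gist raw-content URL) can be reproduced with a few dozen lines of header parsing. The block below is an added example written for this report, not the sandbox's own detection code: it constructs a minimal PE32+ image in memory (it is not the reported sample), gives it UPX section names, a `UPX!` marker, an empty Certificate Table directory entry and an embedded gist URL, and runs the checks. The gist URL, section layout and `build_pe`/`parse_pe`/`triage` helpers are all constructed for illustration.

```python
"""Re-run three of the report's signature checks against a constructed PE32+.

Added example for this report, not the sandbox's own detection code. The PE
image is built in memory from scratch (it is NOT the reported sample), with
UPX section names, a 'UPX!' marker, an empty Certificate Table entry and an
embedded gist raw URL, then checked the way a triage script would.
"""
import re
import struct

# Raw gist content lives under gist.githubusercontent.com/<user>/<id>/raw/...
GIST_RAW_RE = re.compile(rb"https?://gist\.githubusercontent\.com/[^\s\x00\"'<>]+/raw/?[^\s\x00\"'<>]*")
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
UPX_MARKER = b"UPX!"  # stub marker; a modified UPX build may strip it


def build_pe(section_names, signed, payload):
    """Construct a minimal PE32+ image: DOS stub, PE signature, COFF header,
    optional header (16 data directories), section table, payload.
    Header offsets are correct for parsing; it is not a loadable executable."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_names), 0, 0, 0, 240, 0x22)
    headers_size = e_lfanew + 4 + 20 + 240 + 40 * len(section_names)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)        # Magic: PE32+
    struct.pack_into("<I", opt, 108, 16)         # NumberOfRvaAndSizes
    if signed:
        # Certificate Table (directory 4) -> 8 placeholder bytes after payload.
        # Constructed: a real entry points at a WIN_CERTIFICATE/PKCS#7 blob.
        struct.pack_into("<II", opt, 144, headers_size + len(payload), 8)
    sections = b""
    for i, name in enumerate(section_names):
        sections += struct.pack("<8sIIIIIIHHI", name, len(payload), 0x1000 * (i + 1),
                                len(payload), headers_size, 0, 0, 0, 0, 0x60000020)
    blob = dos + b"PE\0\0" + coff + bytes(opt) + sections + payload
    return blob + (b"\0" * 8 if signed else b"")


def parse_pe(data):
    """Return (section names, (cert_rva, cert_size)) read from the PE headers."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dirs = opt + (112 if magic == 0x20B else 96)   # PE32+ vs PE32 layout
    nrva = struct.unpack_from("<I", data, dirs - 4)[0]
    cert = (0, 0)
    if nrva > 4:                                   # IMAGE_DIRECTORY_ENTRY_SECURITY
        cert = struct.unpack_from("<II", data, dirs + 4 * 8)
    names = []
    for i in range(num_sections):
        off = opt + opt_size + 40 * i
        names.append(data[off:off + 8].rstrip(b"\0").decode("latin-1"))
    return names, cert


def triage(data):
    """The report's checks: UPX packing, missing Authenticode, gist raw URLs."""
    names, (cert_rva, cert_size) = parse_pe(data)
    return {
        "upx_sections": bool(UPX_SECTION_NAMES & set(names)),
        "upx_marker": UPX_MARKER in data,
        # No Certificate Table means no Authenticode signature at all. A
        # present table only says a signature is attached, not that it verifies.
        "unsigned_pe": cert_rva == 0 or cert_size == 0,
        "gist_raw_urls": [m.decode("ascii") for m in GIST_RAW_RE.findall(data)],
    }


# Constructed inputs. The gist URL is made up; it is not an IoC from the report.
SAMPLE_URL = b"https://gist.githubusercontent.com/example-user/0123456789abcdef/raw/config.txt"
PACKED_UNSIGNED = build_pe([b"UPX0", b"UPX1", b".rsrc"], signed=False,
                           payload=UPX_MARKER + b"\0" * 16 + SAMPLE_URL + b"\0" * 16)
CLEAN_SIGNED = build_pe([b".text", b".rdata", b".data"], signed=True, payload=b"hello\0")

if __name__ == "__main__":
    for label, blob in (("packed_unsigned", PACKED_UNSIGNED), ("clean_signed", CLEAN_SIGNED)):
        print(label, triage(blob))
```

Two caveats a practitioner should keep in mind. Section names are trivial to rename, which is why the signature text says "UPX/modified UPX": the `UPX!` marker and section entropy are better evidence than names alone. And the Authenticode check is only a presence check; a non-empty Certificate Table still has to be verified (for example with `signtool verify` or `Get-AuthenticodeSignature` on Windows, or `osslsigncode verify` elsewhere) before the binary is treated as signed. A gist raw URL is likewise a lead for where the miner pulls its configuration, not proof on its own.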

Files

  • be1642f2523ff7043e9cb23e3b1aa7928c6ac13389aa61b046b0c40c1e36278f
    Tags: .exe, windows:6, windows, x64, arch:x64