xmrig | d06bc080a97657c61c50bd62acd9d8ccd311299b7152bae4e97c6965cd100744

General

Target

d06bc080a97657c61c50bd62acd9d8ccd311299b7152bae4e97c6965cd100744
Size

3.0MB
MD5

0def26b7fd06da53aa7caefa73a78931
SHA1

67b60d75d891ea01ee15c03648cefe367452292c
SHA256

d06bc080a97657c61c50bd62acd9d8ccd311299b7152bae4e97c6965cd100744
SHA512

3cbb329a00e61f09df287e5740a5da2030acf24cd12f22b145a80ef4880f07cfcc37ae6b33972dd5f1fe6c5c27b94cc049f039fc275c7435a7c8fb45445bc35f
SSDEEP

49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkFfdg6NsNtJV3FQ:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R8

Score

10^/10

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d06bc080a97657c61c50bd62acd9d8ccd311299b7152bae4e97c6965cd100744