Behavioral task
behavioral1
Sample
320bce540c7e9e553459919c5aead376a5e4ef0d301eb3cd9298bcdb7e0307a2.exe
Resource
win7-20240220-en
General
-
Target
320bce540c7e9e553459919c5aead376a5e4ef0d301eb3cd9298bcdb7e0307a2.exe
-
Size
3.2MB
-
MD5
73d57f248c3fd8ae04d3bfb86c9174e0
-
SHA1
370883d3f744cf40d6167d58fdb5581bc3728152
-
SHA256
320bce540c7e9e553459919c5aead376a5e4ef0d301eb3cd9298bcdb7e0307a2
-
SHA512
624d46d8aabbe9dd5dbdf7914fda9d1e8036c3f8b1f73f98f10cb350901216af305041a35d297951e7a52574c9341f618a9e83772fdae0b9709fe106913b36a1
-
SSDEEP
98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW1:7bBeSFkx
Malware Config
Signatures
-
XMRig Miner payload 1 IoCs
resource yara_rule sample xmrig -
Xmrig family
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 320bce540c7e9e553459919c5aead376a5e4ef0d301eb3cd9298bcdb7e0307a2.exe
Files
-
320bce540c7e9e553459919c5aead376a5e4ef0d301eb3cd9298bcdb7e0307a2.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 1.3MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 525KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE