xmrig | 16b8c250c3bd699a08cf80ff3a4e58ecbde6bae58d65832f05953560f60e14a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16b8c250c3bd699a08cf80ff3a4e58ecbde6bae58d65832f05953560f60e14a5
Size

991KB
MD5

a121c7740be03e682de3448d1c98e7e9
SHA1

ab26c3a74b13e7f7e55614c0965d225056ab9b74
SHA256

16b8c250c3bd699a08cf80ff3a4e58ecbde6bae58d65832f05953560f60e14a5
SHA512

e447b7f2e5713bc8c052789859d597edccbff6c2e207a887c16b84a3c0e1c3aeee6675546d49c7c25f88e3415920ca37827332c248cbb3d109cdab720ef283f4
SSDEEP

24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbBwlKenABWelqLXLhZ:GezaTF8FcNkNdfE0pZ9oztFwIKTLb/

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b8c250c3bd699a08cf80ff3a4e58ecbde6bae58d65832f05953560f60e14a5

Files

16b8c250c3bd699a08cf80ff3a4e58ecbde6bae58d65832f05953560f60e14a5
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ