xmrig | 3f455d1bc20db8cf2b1dc9523208391b3b9f9b337e019483025b6a0edd9f7697 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f455d1bc20db8cf2b1dc9523208391b3b9f9b337e019483025b6a0edd9f7697
Size

1.0MB
MD5

837173d7966df82b85bff01d2148f3f2
SHA1

70dc4e95cab1c14e9333943aa36eac54bfb7e8b6
SHA256

3f455d1bc20db8cf2b1dc9523208391b3b9f9b337e019483025b6a0edd9f7697
SHA512

320c31341c6b1b81810b110ffce863d1b67b79471899f0069164aeaea90603ce369ba486b4e74d00e96da3a7bbce0bf22f4b65e5f436685814df5abae5c3791f
SSDEEP

24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbBwlKenABWelqLB/CwoiZ:GezaTF8FcNkNdfE0pZ9oztFwIKTLF

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f455d1bc20db8cf2b1dc9523208391b3b9f9b337e019483025b6a0edd9f7697

Files

3f455d1bc20db8cf2b1dc9523208391b3b9f9b337e019483025b6a0edd9f7697
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ