Behavioral task
behavioral1
Sample
23d99321df4b6524b4aeb64c8e034acfb36f67ecc18919737ce91c540fa7cc03.exe
Behavioral task
behavioral2
Sample
23d99321df4b6524b4aeb64c8e034acfb36f67ecc18919737ce91c540fa7cc03.exe
General
Target: 23d99321df4b6524b4aeb64c8e034acfb36f67ecc18919737ce91c540fa7cc03
Size: 2.2MB
MD5: 65c68aa69dffac27dc80086ff498809e
SHA1: ac7656c19dd28b1aa03edda8e7e9fa3ee54868d2
SHA256: 23d99321df4b6524b4aeb64c8e034acfb36f67ecc18919737ce91c540fa7cc03
SHA512: 43e14181ba7fc0e2c9f68b556e8de18d7bfccac6fb32f6de820d149e399c8eaf295a605c031af6419b91def002823d5b27351d7d7093efc33bdbb98e00ae1784
SSDEEP: 49152:BezaTF8FcNkNdfE0pZ9ozt4wIXGvAnCumyui7:BemTLkNdfE0pZrt
Malware Config
Signatures
XMRig Miner payload 1 IoCs
resource yara_rule sample xmrig
Xmrig family
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 23d99321df4b6524b4aeb64c8e034acfb36f67ecc18919737ce91c540fa7cc03
Files
23d99321df4b6524b4aeb64c8e034acfb36f67ecc18919737ce91c540fa7cc03.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 724KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE