General

  • Target

    testsh-x10.zip

  • Size

    2.6MB

  • MD5

    b308fe758baaeaa0269cf89bcd4f886b

  • SHA1

    81aaf34148aee532eb4878b205a86a7116b422b0

  • SHA256

    16443aa2dfcaecf5b33788a5e8e518787873c50d00bfa5791d9617f1e5d9d36f

  • SHA512

    33cea118d497b2add44643004f584469dd17c60659ec4c72d6999b7d36a36fa01b9655140f000988f91ef805a245c00f8fc39f2be0cf273a39858da684a55dd9

  • SSDEEP

    49152:iC/efKtVdB1jjJy/q+bs4hgh3ElDpXQWNJdi7qLOgth8XlbuJ8cSYB:uKdFy/qtlh3mRpNJddSEcNcSYB

Score
10/10

Malware Config

Signatures

  • XMRig Miner payload 2 IoCs
  • Xmrig family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • testsh-x10.zip
    .zip
  • testsh-x10/SHA256SUMS
  • testsh-x10/WinRing0x64.sys
    .sys windows:6 windows x64 arch:x64

    d41fa95d4642dc981f10de36f4dc8cd7


  • testsh-x10/benchmark_10M.cmd
  • testsh-x10/benchmark_1M.cmd
  • testsh-x10/config.json
  • testsh-x10/pool_mine_example.cmd
  • testsh-x10/rtm_ghostrider_example.cmd
  • testsh-x10/solo_mine_example.cmd
  • testsh-x10/start.cmd
  • testsh-x10/xmrig.exe
    .exe windows:6 windows x64 arch:x64

    12806e48b853545b536463546db4baa1

