xmrig | Silent[.]Crypto[.]Miner[.]Builder[.]rar

General

Target

Silent.Crypto.Miner.Builder.rar
Size

81.8MB
MD5

933d0f5124ce80145887ac1fa70cce22
SHA1

0d18410b44a306620faa6e80ab2a1f3b454638e8
SHA256

2d892e65432b58585112e78deec5750652a25249dd4f56e0fd6d47fe7804baf1
SHA512

62ce1274e2ff0cf808d291ed8db92c17bcd1b1eb5caac4573a7c9cda1b88fa85958711f3f4a6f3df3092184a049dca0bd7a7d58f536e8772fddfd934ccdb99b6
SSDEEP

1572864:Fd61wTAxnsyiOtrAqunqBZqx6ikncQTw5EH+tjkx6SR0thS3eb7Dt:FFTUnsHOhTPU6iknFOk+tjkx6RthOeXB

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 2 IoCs

miner

resource	yara_rule
static1/unpack001/Repo/bin/unam.exe	xmrig
static1/unpack001/Repo/bin/unam.exe	family_xmrig

Xmrig family
xmrig

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Repo/bin/unam.exe
unpack001/Silent Crypto Miner Builder.exe

Files

Silent.Crypto.Miner.Builder.rar
.rar
Repo/bin/dll.bat
.bat .vbs
Repo/bin/unam.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

H:\CRYPTOCOIN\Mining\Miner\SilentCryptoMiner\SilentCryptoMiner\obj\Release\Silent Crypto Miner Builder.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 129.2MB - Virtual size: 129.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Silent Crypto Miner Builder.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Torenta\Desktop\offlinee\Light-The-Dark-1.0.1\obj\Debug\Silent Crypto Miner Builder.pdb

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 129.2MB - Virtual size: 129.2MB

.rsrc Size: 132KB - Virtual size: 132KB

.reloc Size: 512B - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 135KB - Virtual size: 135KB

.text
Size: 129.2MB - Virtual size: 129.2MB

.rsrc
Size: 132KB - Virtual size: 132KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 135KB - Virtual size: 135KB