Behavioral task
behavioral1
Sample
445fc44ffb84469b75004771cd6f9cd0N.exe
Resource
win7-20240708-en
General
-
Target
445fc44ffb84469b75004771cd6f9cd0N.exe
-
Size
2.9MB
-
MD5
445fc44ffb84469b75004771cd6f9cd0
-
SHA1
6cf466c2c380d2a70d2d80d71efc8915bd5a3ff1
-
SHA256
7e85362778403e8aa28a7d64450bca1fee18897f64d57fcfc421521fc6974267
-
SHA512
f649d8e18bdee2fac00c9ab4238ad6e188ac49c44bcabeb81a4f84d3ed70e2d16217a83b94f778d613d36e6971b67a73df9aa549857e747d1cfffc6a6f00734a
-
SSDEEP
49152:w0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8Dze7jcmWH8SKJhSn8:w0GnJMOWPClFdx6e0EALKWVTffZiPAcw
Malware Config
Signatures
-
XMRig Miner payload 1 IoCs
resource yara_rule sample xmrig -
Xmrig family
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 445fc44ffb84469b75004771cd6f9cd0N.exe
Files
-
445fc44ffb84469b75004771cd6f9cd0N.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 1.3MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 525KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE