General

  • Target

    deficode-k18.zip

  • Size

    2.6MB

  • MD5

    b553a0eee5bc371b304881fcd8982c8b

  • SHA1

    afd23861278f89991632671737ad1ef12b20b67f

  • SHA256

    895e605d2f3318ea1fc90f4120380254c0981a3df9262fe292d1c0e90fc71465

  • SHA512

    24b0ade7aed98d804a39e4aa7b1e73c575204f5907ad506f2953cde53a512c89ef1e5da12e6612f313db219e8db1430dad34e3810894b7268eb82ed2eb6af5e0

  • SSDEEP

    49152:zC/efKtVdB1jjJy/q+bs4hgh3ElDpXQWNJdi7qLOgth8XlbuJ8cSYl:nKdFy/qtlh3mRpNJddSEcNcSYl

Score
10/10

Malware Config

Signatures

  • XMRig Miner payload 2 IoCs
  • Xmrig family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • deficode-k18.zip
    .zip
  • deficode-k18/SHA256SUMS
  • deficode-k18/WinRing0x64.sys
    .sys windows:6 windows x64 arch:x64

    d41fa95d4642dc981f10de36f4dc8cd7



  • deficode-k18/benchmark_10M.cmd
  • deficode-k18/benchmark_1M.cmd
  • deficode-k18/config.json
  • deficode-k18/pool_mine_example.cmd
  • deficode-k18/rtm_ghostrider_example.cmd
  • deficode-k18/solo_mine_example.cmd
  • deficode-k18/start.cmd
  • deficode-k18/xmrig.exe
    .exe windows:6 windows x64 arch:x64

    12806e48b853545b536463546db4baa1

