astrix-miner-win[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

astrix-miner-win.zip
Size

2.1MB
MD5

7f7b3342cc0aebbf1d61e00d62bcda9a
SHA1

c0c59136cccda5ddc68cf66056e844d3e04be93d
SHA256

af074981be47ff28dfcf94d4bb87deb8f07399d0e30ab90d519bb19fa9e0027d
SHA512

e3c5487d47c956da6e04248d40b01773d81d918ad892f6a8fbcc7ff12f2c26cc28e5c743916569a9d7b3458908fab434241a60a63dd17a08014dd601d50d34a1
SSDEEP

49152:VTfQLe+L0R9DsLNvGeJwYC9kctQgeS2ANoKS/v8wxYt:VLQSRRZsLNuQ+eFiU8wCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/astrix-miner.exe
unpack001/astrixcuda.dll

Files

astrix-miner-win.zip
.zip
astrix-miner.exe
.exe windows:6 windows x64 arch:x64

c56697ffd10a5df49a3b7bc99e0fbc0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\miner\astrix\GPU\kaspa-miner\target\release\deps\astrix_miner.pdb

Imports

kernel32

HeapFree
GetProcessHeap
HeapAlloc
HeapReAlloc
FindNextFileW
GetLastError
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SwitchToThread
TerminateThread
CloseHandle
FreeLibrary
PostQueuedCompletionStatus
FindClose
GetStdHandle
GetConsoleMode
SetConsoleMode
SetThreadErrorMode
LoadLibraryExW
GetProcAddress
GetCommandLineW
FindFirstFileW
CreateWaitableTimerExW
SetWaitableTimer
WaitForSingleObject
Sleep
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetFileInformationByHandleEx
WideCharToMultiByte
GetQueuedCompletionStatusEx
SetLastError
GetFinalPathNameByHandleW
CreateIoCompletionPort
SetFileCompletionNotificationModes
TryAcquireSRWLockExclusive
GetLogicalProcessorInformation
GetSystemInfo
GetModuleHandleA
GetCurrentThread
MultiByteToWideChar
WriteConsoleW
QueryPerformanceFrequency
GetModuleHandleW
FormatMessageW
GetCurrentProcess
GetEnvironmentVariableW
GetModuleFileNameW
GetFullPathNameW
CreateFileW
GetFileInformationByHandle
ReadConsoleW
CreateThread
ExitProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentDirectoryW
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentProcessId
CreateMutexA
WaitForSingleObjectEx
LoadLibraryA
ReleaseMutex
RtlVirtualUnwind
AcquireSRWLockShared
ReleaseSRWLockShared
SetHandleInformation
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent

ws2_32

freeaddrinfo
WSAStartup
WSACleanup
recv
send
WSASend
socket
getsockopt
shutdown
getaddrinfo
connect
bind
WSASocketW
WSAIoctl
closesocket
WSAGetLastError
setsockopt
ioctlsocket

bcrypt

BCryptGenRandom

ntdll

NtDeviceIoControlFile
NtCancelIoFileEx
NtCreateFile
NtWriteFile
RtlNtStatusToDosError
NtReadFile

advapi32

SystemFunction036

vcruntime140

memcpy
__CxxFrameHandler3
memset
memmove
__current_exception_context
__current_exception
__C_specific_handler
_CxxThrowException
memcmp

api-ms-win-crt-math-l1-1-0

pow
__setusermatherr

api-ms-win-crt-runtime-l1-1-0

exit
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_exit
_set_app_type
_seh_filter_exe
_initterm_e
__p___argc
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 827KB - Virtual size: 826KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
astrixcuda.dll
.dll windows:6 windows x64 arch:x64

5b621e42afd720129a65a6dd940b8b05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\miner\astrix\GPU\kaspa-miner\target\release\deps\astrixcuda.pdb

Imports

bcrypt

BCryptGenRandom

nvcuda

cuDeviceGet
cuDeviceGetCount
cuMemcpyDtoH_v2
cuLaunchKernel
cuDeviceGetName
cuDeviceGetAttribute
cuGetErrorString
cuEventCreate
cuEventRecord
cuEventSynchronize
cuEventElapsedTime
cuEventDestroy_v2
cuOccupancyMaxActiveBlocksPerMultiprocessor
cuOccupancyMaxPotentialBlockSize
cuDevicePrimaryCtxRetain
cuCtxSetCurrent
cuDevicePrimaryCtxSetFlags_v2
cuDevicePrimaryCtxRelease_v2
cuCtxGetDevice
cuModuleLoadDataEx
cuModuleUnload
cuStreamCreateWithPriority
cuStreamDestroy_v2
cuInit
cuModuleGetGlobal_v2
cuModuleGetFunction
cuMemsetD8_v2
cuMemAlloc_v2
cuMemFree_v2
cuMemcpyHtoD_v2

advapi32

SystemFunction036

kernel32

UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
CreateMutexA
LoadLibraryA
WaitForSingleObjectEx
GetSystemTimeAsFileTime
WriteConsoleW
MultiByteToWideChar
FormatMessageW
GetModuleHandleW
SetUnhandledExceptionFilter
GetModuleHandleA
ReleaseMutex
ReleaseSRWLockShared
AcquireSRWLockShared
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
GetCurrentProcessId
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetProcAddress
GetLastError
GetStdHandle
GetConsoleMode
GetFileInformationByHandleEx
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleMode
CloseHandle
WaitForSingleObject
QueryPerformanceCounter
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCurrentProcess

ntdll

RtlNtStatusToDosError
NtWriteFile

vcruntime140

__CxxFrameHandler3
memcpy
memcmp
memmove
memset
_CxxThrowException
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

_plugin_create

Sections

.text
Size: 673KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c56697ffd10a5df49a3b7bc99e0fbc0c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ws2_32

bcrypt

ntdll

advapi32

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 827KB - Virtual size: 826KB

.data Size: 1024B - Virtual size: 1KB

.pdata Size: 125KB - Virtual size: 124KB

.reloc Size: 13KB - Virtual size: 12KB

5b621e42afd720129a65a6dd940b8b05

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcrypt

nvcuda

advapi32

kernel32

ntdll

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 673KB - Virtual size: 672KB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 512B - Virtual size: 920B

.pdata Size: 25KB - Virtual size: 25KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 827KB - Virtual size: 826KB

.data
Size: 1024B - Virtual size: 1KB

.pdata
Size: 125KB - Virtual size: 124KB

.reloc
Size: 13KB - Virtual size: 12KB

.text
Size: 673KB - Virtual size: 672KB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 512B - Virtual size: 920B

.pdata
Size: 25KB - Virtual size: 25KB

.reloc
Size: 4KB - Virtual size: 3KB