General

  • Target

    Trojan.Win64.CoinMiner.WE-825b2356cfb1bb900075bb18f509783ccd623780aa837ecd1073aa58a75eb7afN

  • Size

    1.9MB

  • MD5

    272b74b7317c42d6377c62ee5e7a58a0

  • SHA1

    bd0955036d7e3a286af9f2b11621e8e04de1dec2

  • SHA256

    825b2356cfb1bb900075bb18f509783ccd623780aa837ecd1073aa58a75eb7af

  • SHA512

    46bcf7a14f62226f01d9c9d056dd53d4d884207015ac34e7dea4f0e9f86592633ac9a89fc19805f74cdd95e780b198d97027a29ab961b812c176249b90e78398

  • SSDEEP

    49152:Lz071uv4BPMkyW10/wKV7hjSe05c2H7md:NABq

Score
10/10

Malware Config

Signatures

  • XMRig Miner payload (1 IoC)
  • Xmrig family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • Trojan.Win64.CoinMiner.WE-825b2356cfb1bb900075bb18f509783ccd623780aa837ecd1073aa58a75eb7afN
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

