xmrig | 8ddd982d7abf50f2c44de87ad25fe6bb5a6ec88bee81153a496506ab5b98b870N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ddd982d7abf50f2c44de87ad25fe6bb5a6ec88bee81153a496506ab5b98b870N
Size

1.6MB
MD5

e80edd4f9394fcc8247607504a0487e0
SHA1

907d4ff55bba8e947e83c3340420d323dc7f6a05
SHA256

8ddd982d7abf50f2c44de87ad25fe6bb5a6ec88bee81153a496506ab5b98b870
SHA512

6130f2906b181f5d5b084e4354ea56f762763625ad0985fa8a0b602a7c8f7ae45634903cfd15ed2542f4a8932becf19f740e92baf6802204acc91f12b03446f8
SSDEEP

49152:GezaTF8FcNkNdfE0pZ9ozttwIRxj4c5yOBZnQJ+:GemTLkNdfE0pZyP

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ddd982d7abf50f2c44de87ad25fe6bb5a6ec88bee81153a496506ab5b98b870N

Files

8ddd982d7abf50f2c44de87ad25fe6bb5a6ec88bee81153a496506ab5b98b870N
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ