xmrig | 78cbcc5c9caf39935051036fc8af6f560e4106e45dc6addec693a71f20a8a194 | Triage

Sharing

General

Target

78cbcc5c9caf39935051036fc8af6f560e4106e45dc6addec693a71f20a8a194
Size

4.8MB
MD5

b38181545484cd3218bca0c0d47f6c19
SHA1

fb8527591a2a4931c9e4e557421832444403e6bb
SHA256

78cbcc5c9caf39935051036fc8af6f560e4106e45dc6addec693a71f20a8a194
SHA512

6515378ac9faf01125eb59403f8d9466851efe520f1a28221ee58bb7d5b1a4a3a4241ef11a88ddd0830ece10d2c29a5512adbe8006415fbb1b8d726c90972aa7
SSDEEP

98304:LNtZ3t3q6cUIBzmMTzIf3ZdrtpTV/Wlhsav3Ip/ik2IYHo2:p3t5TV+lhNI9i7fz

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 2 IoCs

resource	yara_rule
sample	xmrig
sample	family_xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78cbcc5c9caf39935051036fc8af6f560e4106e45dc6addec693a71f20a8a194

Files

78cbcc5c9caf39935051036fc8af6f560e4106e45dc6addec693a71f20a8a194
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RANDOMX
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ