xmrig | 51f8b9e9ef391d9b21b20b3c81c514fb503b4af6dd373837c4683fa0901b6bf2 | Triage

Sharing

General

Target

51f8b9e9ef391d9b21b20b3c81c514fb503b4af6dd373837c4683fa0901b6bf2
Size

1.5MB
MD5

25d90f2be7275e24f02eaaec20caebb5
SHA1

9642029d046d07dce3f38aa459d565e163106e8f
SHA256

51f8b9e9ef391d9b21b20b3c81c514fb503b4af6dd373837c4683fa0901b6bf2
SHA512

f45e932b4945c7471b48c1f2bf5db27974578c7e7b903d7cc7de1874b27ee6d00f66b099fc94638c0d876a1f4acafea8302edfc6b214e1adb6d4e03407c5de23
SSDEEP

49152:GezaTF8FcNkNdfE0pZ9ozttwIRxeEahyEuu:GemTLkNdfE0pZy6

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51f8b9e9ef391d9b21b20b3c81c514fb503b4af6dd373837c4683fa0901b6bf2

Files

51f8b9e9ef391d9b21b20b3c81c514fb503b4af6dd373837c4683fa0901b6bf2
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ