Common Information
Type Value
Value
rule cryptomining_malware_xmrig_config {
	meta:
		description = "Detects XMRig Config File"
		author = " [email protected] "
		date = "2021-06-28"
		license = "Apache License 2.0"
		hash1 = "1085c9211f2af8ddf1588adfb150c64c2b3a2b1c7acf4bc445546455f36299c0"
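	strings:
		// Quoted JSON key names as they appear in an XMRig config file.
		// ascii + wide covers single-byte and UTF-16 encodings; nocase ignores letter case.
		$ = "\"cpu-affinity\"" ascii wide nocase
		$ = "\"autosave\"" ascii wide nocase
		$ = "\"log-file\"" ascii wide nocase
		$ = "\"max-cpu-usage\"" ascii wide nocase
		$ = "\"donate-level\"" ascii wide nocase
		$ = "\"huge-pages\"" ascii wide nocase
		$ = "\"cpu-priority\"" ascii wide nocase
	condition:
		// Small file containing at least 5 of the 7 key names above.
		filesize < 500KB and 5 of them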
}
Category
Type Yara Rule
Misp Type
Description
Details Published Attributes CTI Title
Details Website 2021-07-13 49 Resources for Investigating Cloud and Container Penetration Testing Tools - Cado Security | Cloud Investigation