Common Information
Type Value
Value
rule cryptomining_malware_xmrig {
	meta:
		description = "Detects XMRig"
		author = " [email protected] "
		date = "2021-06-28"
		license = "Apache License 2.0"
		hash1 = "a34ae92c904b60ed7c1dc437493d1b086a828d25c52e5409d2c7b79b880db42f"
	strings:
		$ = "password for mining server" ascii wide nocase
		$ = "threads count to initialize RandomX dataset" ascii wide nocase
		$ = "display this help and exit" ascii wide nocase
		$ = "maximum CPU threads count (in percentage) hint for autoconfig" ascii wide nocase
		$ = "enable CUDA mining backend" ascii wide nocase
		$ = "cryptonight" ascii wide nocase
	condition:
		5 of them
}
Category
Type Yara Rule
Misp Type
Description
Details | Published | Attributes | CTI Title
Website | 2021-07-13 | 49 | Resources for Investigating Cloud and Container Penetration Testing Tools - Cado Security | Cloud Investigation