SUSP_CryptoCoin_Miner_Keywords_Dec21_1

Rule Info

Name
SUSP_CryptoCoin_Miner_Keywords_Dec21_1
Author
Florian Roth
Description
Detects keywords often found in cryptocoin miners
Score
65
Reference
Internal Research
Date
2021-12-23
Minimum Yara
1.7
Rule Hash
f78d0ce1da961a2a1559cfca5d7d8f13
Tags
['SUSP']
Required Modules
[]
Virustotal Matches
https://www.virustotal.com/gui/search/susp_cryptocoin_miner_keywords_dec21_1/comments

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
29
Suspicious (< 10 engines)
36
Clean (0 engines)
5

Rule Matches

Timestamp
Positives
Total
Hash
VT
2024-04-17 13:07:39
18
59
131769280081b23b937f56a5c409ec57283ecd2241d29fea075913c935e57610
2024-04-11 08:10:34
7
57
22f2060e32d2c11764f6e36f6f1e5590c299d0cdda3eebe91f57d10ad3f65797
2024-04-07 23:11:54
8
58
98ae4c0331f3252f91af58c7033a3e9184ef467a657f2df377d6111b0e8b970b
2024-02-05 04:08:07
4
60
ec4aa091c5d74273f3c827482e8e354430a3f2f244005d728c7a77794d53df53
2023-12-25 14:28:34
22
58
bef0ca05dd824d14c5f0110d1f2f70d729124490e68fd9a43cc78827c92b6459
2023-12-06 10:33:32
9
60
a0391c1f1343a0bbccb41f487707c0a67af614d8404dc8ffd452c921fe07b17b
2023-12-05 00:30:24
16
60
9704bcd8549194c45eabf6cae7abb198696fb1e0f509c6878243259e53bbd197
2023-11-30 22:43:52
6
60
fe64e1ec0f19686312f4470331fdfdac3fffd0349e4fc06820a48464e42f67cf
2023-11-25 23:16:24
14
60
23dc06f034d96071a9dde14393db60b605cf73970fa8356dd94e60aa5027606e
2023-11-19 04:03:20
27
60
a037c15659d91a7555fbd0ec17978c26f7974ea66909c8732629c4a1ec961f14
2023-10-10 18:14:23
1
59
bf8c46ce3cad9375706536d5d0d7192feca2f5171894efbe069867717bd2a1c5
2023-09-11 12:58:35
14
59
17a623cfd33ecb999139feed56d744bfd03e87861146faffda4715a0699331c5
2023-08-15 04:50:46
14
59
60318d3c00f1b792c0744be9c478ef24fde1469da84fcb2b232f5653819f8dc2
2023-04-23 00:14:30
6
59
b4daddf876342911493de8513b53d07c08b3e92b8d292a6b20e06b03d2d375e7
2023-04-06 18:25:57
5
59
0fbb0f97362764d1149ed1b3d8c1f8e82f31c70cec673fd3555cc543ef1c29be
2023-03-27 02:39:30
4
59
28b115f3f2dff03a4f5bcaee077b6b496491ad149f83d06c58f479416b1c11d4
2023-03-20 02:03:48
8
59
3006eacd060758d1d8c3f6d0fb965f12017044ad50855723b027dda9c564b376
2023-03-20 02:03:44
11
59
b8e02832090ce5de02aa1a7dfd4c3efbbee70d0195fb63b598708ab64968f530
2023-03-20 02:03:43
36
69
1a920799ec5f09e5de2a409968a069f1437a6974657d9eab34313ec91d94b019
2023-03-06 09:18:19
23
59
ef3e279e154822ca903875f5cc6c07dae9f3f1643d773491a039e39a99d7a6cf
2023-03-06 06:48:54
19
53
7bc7e7252a5821c28056a62e92819cfdd08d76b64ceb220d29cc09d2803f39eb
2023-01-21 21:55:15
8
60
99fd5708a0b45b728ebb4e9a6d582d610915b4e1bdfe1bae86e8146c7a2f0d48
2023-01-21 21:39:53
8
58
2cb714de7d53f877e244d1d785050d04a2815ba3b9e54ae3e1e36b4f1f6dacd8
2023-01-21 21:39:51
36
70
7c1000726cee497ffb8006a41f86c47893a209332fdbf8216b9e0918705509fc
2023-01-21 21:38:48
10
60
34d34e0ec5d313f6ca5ea96c60a83a57979716bdc04256c47068dd1019a403e0
2023-01-21 21:38:48
37
71
157b61b9c30513d20381b95dc37c112366c32267467de7d4bc72941fd45ce5a8
2023-01-21 21:38:47
24
71
adc9c41fd8e7cbaedae8cd8d86c7ae6b0415a866be2b15f7ca6271d5ee517af3
2023-01-21 21:37:43
10
60
f1708a12a0e7db8ceb121b5c41c85debb3685450e121b67c9ed07c9e3e0cbb6e
2023-01-21 21:37:43
21
60
e8c0ede79f555e45acb628c06e283fae098ea5ef0a29814656d2bbceade642de
2023-01-21 21:37:42
10
60
997254d035b0d73b7fb0502879b152dda5eb6085275030a0c52e5c2da4a9ff0c
2023-01-21 21:32:14
11
60
457fe8d80247a2a0f22a6d4cb30430cd86ae5031f01f950823b817d1c6a8c634
2023-01-15 11:48:13
14
59
0b4b884ae39655dc7feceeab6ed31515b528de6fd7d39c6d3e3ee24a22f1b81c
2023-01-13 12:06:05
11
60
0f9a8351d8a4b9b5528f53479e0a0c74b944574c2754504874fa4a3acc62c426
2023-01-11 12:38:18
21
48
db3a6d98109e40fd7ecb40b0a4927381dfdee96a6753473681649a18581c4ba9
2023-01-02 20:12:46
29
67
b0ddb705c17c2f97f9607238c759202120b32c74fb3e5fc68b5e16ef4ebdc091
2022-12-14 18:57:56
38
69
8c3db30ad758019a52308dfd2f4da827d6d9a00ff0426bfe68347e1ca8c741db
2022-11-23 08:45:13
8
60
82b68de208a2304366194831a1e1f01bbd90e2ab10f41dcbb2c45947bbda8293
2022-05-17 05:35:19
0
58
07cd68e1b5a74366859b50e750dad73d06347f390306b8d78577b7471b40cdb2
2022-05-04 13:48:44
4
58
4eaf5dcc9fbf9c50cec3a704bdee3a18205860cfc87001d3425ad620ec870fe7
2022-04-21 01:37:18
8
58
522e36448393266aa5fbb1a6b9e8c0a635ed4819d3a98dcc4fa38709fd546eb1
2022-04-18 19:09:36
2
57
273110afa656ff2fb8926ad9bec42977ad606fc81e06afccc0e3b132092e4082
2022-04-15 16:23:14
0
58
e0a09abe150bd548d7830df257e50027c79fcef7bd6d92c4220f48bb4c9cc942
2022-04-04 18:39:58
0
56
c8a5a8a7f4204fcf6ff6b75f62443e3aa0ebbcbb86b7a3642da2270c03c129f9
2022-04-04 12:41:22
24
57
57375e5d331ed567ca2da98b126ac585ff7829d15c31ad98eb452339e3ba1d05
2022-04-02 01:21:38
0
55
2ac20bab747310cbece0c08984a060debacd57ec86c82679e8e31767306e0fea
2022-03-18 07:47:04
0
55
7ba723d34af2fec8f648720ac5292b0bfaa09e2594f9ae80314b7fc6e4761f5b
2022-03-03 10:09:46
14
58
451a4cbb6b931d8bb8392f08e7c9ec517b1b1ef06f42e1c8105e4feaafd6b157
2022-03-01 17:10:44
27
59
7bb1bd97dc93f0acf22eff6a5cbd9be685d18c8dbc982a24219928159c916c69
2022-02-26 13:54:08
2
58
128d243c250f66315ce8163f42cd08fd9b2877685e9bcc85992f6e222c48e7aa
2022-02-26 01:24:25
9
56
69db3286b4570897e6ca734770592e1cb21f9903bc757208e075b7c51d8c1524
2022-02-24 17:10:42
11
47
a2ceeff0677483f652f8cf15973a32f3ddf8205b3b5adabdcb9823878c57d76f
2022-02-18 14:47:59
2
48
e12b077128172666350096b49c9927fc4ca57b5cf2481735530e493dbe0421b4
2022-02-08 19:32:28
3
58
52731ca0e3f9052efb9b80cabd6b4b740689f478cd5fb726e2a9f3d22c171f43
2022-02-06 19:22:35
9
52
2dcd4fcb8737f529f46180493396959da1366eafae2b45e783638a9b156f63cb
2022-02-04 00:13:38
11
51
d4fc394b858df73e85c1531ebe0133c8a62f70a6adea8855238c0c9bf9fc5144
2022-02-02 14:38:43
4
56
53065ede36c92d480831ce1066f16a8c47a0d2d4a768a2ef352a1a1c03cd1f9d
2022-01-31 11:45:07
4
58
200712bbfa16417ab61f8fadff511244ccb1b1e8898809aaf3c74c16f536dbbf
2022-01-21 21:31:32
4
56
9e3f065ac23a99a11037259a871f7166ae381a25eb3f724dcb034225a188536d
2022-01-18 19:06:31
1
55
547b4e7f04da01c5398c08752b171ab636d798d5796eaca112d0d97065bbe8ee
2022-01-18 14:29:15
1
55
3960b85409025f355ca73bbd1ac9b6a370aa5d642e608cb26f8a95bf62d34eb5
2022-01-18 13:59:44
1
56
43c88ec35994491143034dedddd96471c8572240acc75171d6be05860579d64f
2022-01-18 12:19:36
4
55
3ce059e3a1a046c609ae51ee8d33fd30ab26ac50d2e5919849392c0f39f008f1
2022-01-18 10:59:33
3
56
ccf3e3f7a5d053b301ea9079c1e42545168cd71d1608bb8f1a92ef242b1b3274
2022-01-18 10:59:32
4
58
a93223e2c669c4c6548d63d9e73518112da036b85da49dfc0764c2c99ae0f04a
2022-01-17 17:01:44
3
57
f724d1cb7aaddac263a4c524c090987dbd25bf40aa84c5db70c736ff6fd64612
2022-01-16 21:24:23
4
57
abf1d09e0d9b2e09f63f5991f5226b046e9d72bf8b769992bec2e61844b14ba5
2022-01-16 15:20:35
7
57
82887017109dce26f5a1196a4a8a6b131d58670151466dc01db6685b84cd0b30
2022-01-15 16:03:54
2
56
bc25adab6e5a0d5a95ec0c1d4ef513830359cc6bb6df47591fec46cbdfb1fafe
2022-01-14 22:31:09
5
56
1e2a5e21f3024cdb11ed27bfc17cd692d572efd27d95aecdea494381656e8317
2022-01-13 23:44:57
2
57
df48d38df4be5bc64fc74964aff13f5242150fa05bea6b1b4a1510f0d87a68d2

Rule Matches per Month (last 24 months)

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022