Resubmissions

  • 30-08-2024 07:58: 240830-jvak8aveqk (score 10)

  • 04-03-2021 13:45: 210304-nt1vpdb9aa (score 9)

General

  • Target

    SecuriteInfo.com.Linux.Miner-ZS.18234.26199

  • Size

    14.0MB

  • Sample

    210304-nt1vpdb9aa

  • MD5

    648effa354b3cbaad87b45f48d59c616

  • SHA1

    0194637f1e83c2efc8bcda8d20c446805698c7bc

  • SHA256

    6e25ad03103a1a972b78c642bac09060fa79c460011dc5748cbb433cc459938b

  • SHA512

    7ed0b6abeda6b3682bb94fbce8c5eeddf6206db23a87c11d606ea2f84a7606420ed47290317b5d9cb4d99f5c07943b8a7a548671d4c73106d6fbd48cd37bc146

Score
9/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.Linux.Miner-ZS.18234.26199

    • Attempts to identify hypervisor via CPU configuration

      Checks CPU information for indicators that the system is a virtual machine.

    • Reads CPU attributes

    • Enumerates kernel/hardware configuration

      Reads contents of /sys virtual filesystem to enumerate system information.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
