Overview

overview

10

Static

static

10

.rsync/a/a

linux_amd64

.rsync/a/a

linux_armhf

.rsync/a/a

linux_mips

.rsync/a/a

linux_mipsel

.rsync/a/anacron

linux_amd64

.rsync/a/cron

linux_amd64

.rsync/a/init0

linux_amd64

.rsync/a/init0

linux_armhf

.rsync/a/init0

linux_mips

.rsync/a/init0

linux_mipsel

.rsync/a/run

linux_amd64

.rsync/a/run

linux_armhf

.rsync/a/run

linux_mips

.rsync/a/run

linux_mipsel

.rsync/a/stop

linux_amd64

.rsync/a/stop

linux_armhf

.rsync/a/stop

linux_mips

.rsync/a/stop

linux_mipsel

.rsync/b/a

linux_amd64

.rsync/b/a

linux_armhf

.rsync/b/a

linux_mips

.rsync/b/a

linux_mipsel

.rsync/b/run

linux_amd64

.rsync/b/run

linux_armhf

.rsync/b/run

linux_mips

.rsync/b/run

linux_mipsel

.rsync/b/stop

linux_amd64

.rsync/b/stop

linux_armhf

.rsync/b/stop

linux_mips

.rsync/b/stop

linux_mipsel

.rsync/c/go

linux_amd64

.rsync/c/go

linux_armhf

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d6e2e1c77c80e8d0198ae76e7bb40db524f1e699211b554a126d20802f985f3

  • Size

    5.5MB

  • Sample

    220520-qq8e1sdha2

  • MD5

    ebb5653ed428da62c211718e717dec2c

  • SHA1

    d87965623bd1ddb35b1e10f2f4e098b0c8b39dc0

  • SHA256

    2d6e2e1c77c80e8d0198ae76e7bb40db524f1e699211b554a126d20802f985f3

  • SHA512

    fced87106b1bc8e42e8bf747e568d0f972b0fa47307c9d9b6713a51d7ac000c04af1302642548ac2437fdd220f9ec565e620b709178df91ef22f9ac31b238256

Score
10/10
xmriglinuxminer

Malware Config

Targets

    • Target

      .rsync/a/a

    • Size

      319B

    • MD5

      21c0b1de4bbabd83e923b7015bc40755

    • SHA1

      de5c5b339e1c685edd401cfb5767056f241993c4

    • SHA256

      2e10b1b163a3dca23d463ed7f6cbd2267f9caa11f8a17e248aa58a6b87e545a6

    • SHA512

      73fa64b02d6d0debcf5e9926c21dd94a872693df6d620cefd73fd55c7f132e0233e943fc0844aff1c455a16d2f7f5e3df460268e7f89d18db2c5bf6c55baa0c3

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      .rsync/a/anacron

    • Size

      2.0MB

    • MD5

      a33df2dc8e05d5f3da9f6806322343a2

    • SHA1

      3c1214278c49408dc9ffb4177d6f5ba3e93ecdd0

    • SHA256

      7aeac6fd6b3eba752c96e2964e4ad6f3c2e093fddba006154c54048c76b95bc0

    • SHA512

      2da0b052fa38ade1bf03caa67ec05e71a68749c481f2f53002745c34a92b8669245bb26e100982e087f108652f2972a141adb93bdb32a5926155396afaa9f157

    Score
    1/10
    behavioral5

    • Target

      .rsync/a/cron

    • Size

      1.6MB

    • MD5

      262f8b44bbc58b1cc237a289a6e968f7

    • SHA1

      18d90299e2a0fe76e9ae5403fc2a7cce7c59f82a

    • SHA256

      2d9fb5ea6356fba9734673ba4ed1653ff7e887875cc3bfc9da7669c80a53a93b

    • SHA512

      0eeea0c3461ac98bc704424f18bf9123fa6d73339e27a23f40558592587b14256471d3b75116762cd95c570ed1a45fec81d2c30a71d85dd1599a63314c817638

    Score
    1/10
    behavioral6

    • Target

      .rsync/a/init0

    • Size

      8KB

    • MD5

      b56a122f8141ffd829bf5c1bc6c6eb4e

    • SHA1

      9df04a110dfe5b810f0ee6856a65e3f004aad585

    • SHA256

      1800de5f0fb7c5ef3c0d9787260ed61bc324d861bc92d9673d4737d1421972aa

    • SHA512

      d5d651743b012e12e9c17da3bb97c51a318ca9f0afe5dc75d827b87fc8856e044c18bc880d864a3d85ad712d773b64d400edb691f701e7fc0356e21a6d7a758a

    Score
    1/10
    behavioral7behavioral8behavioral9behavioral10

    • Target

      .rsync/a/run

    • Size

      228B

    • MD5

      ffe0e288a6dce9432d3233f770719570

    • SHA1

      ffcd88d1e44aaaeb58013938b5de0c3ee86bced8

    • SHA256

      e2902ffb723d7cc434b71ae2811796771c706a878600c9f366510efd83878c50

    • SHA512

      257969e478623efdc4398fc4eb6618833c5ea6819bf0dc3081d6fa882f88662f3f93768f2ec3c3c9585e09473ad04e49691f1b1ae8a38fc102fbd9e8176e9eda

    Score
    1/10
    behavioral11behavioral12behavioral13behavioral14

    • Target

      .rsync/a/stop

    • Size

      114B

    • MD5

      b726837db1e4d3a05a4749fdc7a4f9d5

    • SHA1

      793d9bb347cdc6bf99a1a6eeff2a210a6f149734

    • SHA256

      ad46ee339c92694f3d8b072b74eec325e416bbbf305803345d6fc4e787832af6

    • SHA512

      ce24fcc586b0172409352020c07bb49069fa8ffe7e4fb9c3f350c6b2f02c5a997b83dfb6ce6ac35db168434c7f68d0cd95f1ab198d25f2ee6ab9b13067a7ecc4

    Score
    1/10
    behavioral15behavioral16behavioral17behavioral18

    • Target

      .rsync/b/a

    • Size

      157B

    • MD5

      17dfec62acb9bc298bb333fbe391f486

    • SHA1

      960fdc0a9c8dd4879c96ec76f69a9dedc6ec9795

    • SHA256

      dc43fdfbb5f7e8ecc80353dcd85889c0c08483c99acbce35b3ed8f399c936920

    • SHA512

      21d49249ca656d3f6ce7a77876796590ae66d31963a6cdf65bb294ca45372e68686f8f7fd846035ed53f1155962447a8054bf2ea081e02fbb4b3fa1b6e376881

    Score
    1/10
    behavioral19behavioral20behavioral21behavioral22

    • Target

      .rsync/b/run

    • Size

      45KB

    • MD5

      1a9279cefe7f1f4bd569de580204902e

    • SHA1

      4adc4d1b579700a33bbb4755f8644cefa5fa72f6

    • SHA256

      e598dc2ca7075fb1b1e795446372db28ed59d2cd7fb402ce3e2b1689f2a7a8f7

    • SHA512

      cf0cfd82180a89c4eba31ef37ca71a4725428649f7e7c0f33b4821eaf391ed9348438e2eda0faed9ba513e755fbca86eba64ddd4e0a2082576dd1801376d7aab

    Score
    1/10
    behavioral23behavioral24behavioral25behavioral26

    • Target

      .rsync/b/stop

    • Size

      943B

    • MD5

      7cbfd6268396ad16e1880e6d3f2e2f2e

    • SHA1

      afe69f1815ab00867789c2668aa0bf566657a850

    • SHA256

      1c42bfcfb910013ebe02adeb6127884de54ea225161d0a7347c05c2c4e6fbf49

    • SHA512

      e95a64e24d909b944f5617c4ac30eb1a106d3999473d77e3a9df889143227b87360d438b32da2108756a47c9f2499c0eed5755e1e4faae187b634a5d345f604e

    Score
    1/10
    behavioral27behavioral28behavioral29behavioral30

    • Target

      .rsync/c/go

    • Size

      296B

    • MD5

      aad27afb36fd789a686eee2ab082e6bd

    • SHA1

      424e81adf6bd2159c5872673222feb1aa4db801e

    • SHA256

      054301f34ca331ed89b0fd7da73b2058b5c15e0ed2f36cad308a5e17fc8fe385

    • SHA512

      3de61a046db9884efeaddf41d5b89454c08a687db1543bdf4619abcb3a90004dda480b4876d182e8caac4c5a4cdf25c91c3da949ba04e30c93cfa59d18b280a3

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks