Overview

overview

10

Static

static

10

.rsync/a/a

linux_amd64

.rsync/a/a

linux_armhf

.rsync/a/a

linux_mips

.rsync/a/a

linux_mipsel

.rsync/a/cron.d

linux_amd64

.rsync/a/init0

linux_amd64

.rsync/a/init0

linux_armhf

.rsync/a/init0

linux_mips

.rsync/a/init0

linux_mipsel

.rsync/a/run

linux_amd64

.rsync/a/run

linux_armhf

.rsync/a/run

linux_mips

.rsync/a/run

linux_mipsel

.rsync/a/stop

linux_amd64

.rsync/a/stop

linux_armhf

.rsync/a/stop

linux_mips

.rsync/a/stop

linux_mipsel

.rsync/b/a

linux_amd64

.rsync/b/a

linux_armhf

.rsync/b/a

linux_mips

.rsync/b/a

linux_mipsel

.rsync/b/run

linux_amd64

.rsync/b/run

linux_armhf

.rsync/b/run

linux_mips

.rsync/b/run

linux_mipsel

.rsync/b/stop

linux_amd64

.rsync/b/stop

linux_armhf

.rsync/b/stop

linux_mips

.rsync/b/stop

linux_mipsel

.rsync/c/go

linux_amd64

.rsync/c/go

linux_armhf

.rsync/c/go

linux_mips

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2aa70ecbd3733c39ed5648ca4d09570629ed564430f8e8cb4c6460aae0cad942

  • Size

    5.1MB

  • Sample

    220520-qq9cbagggn

  • MD5

    7e2b4541e0ff720dd602c5bcafc3f944

  • SHA1

    74225541c4de4ea9142727bb5268924ae0d43f4d

  • SHA256

    2aa70ecbd3733c39ed5648ca4d09570629ed564430f8e8cb4c6460aae0cad942

  • SHA512

    7800690159d43012bfc030417f366c5fce80d5a36f596a4baf944bcd4d99ba472cd3d526d2230b178ba707a61acb1b2d7995724c75955860958f66fae513eb18

Score
10/10
xmriglinuxminer

Malware Config

Targets

    • Target

      .rsync/a/a

    • Size

      876B

    • MD5

      de5869436d84eee7b336fb5c51675290

    • SHA1

      4427d10cc48b92208b9d61b45f45b3156e884813

    • SHA256

      9d4fef06b12d18385f1c45dd4e37f031c6590b080ea5446ff7a5bac491daea50

    • SHA512

      f26bcbdcf7417308bdec3f3f8b6ef453d2b7417b16d015eeddfc447955068b48667554fd9a1b896ee9d44ac3c2cac54137fc455c45f94251f42e5e3a1e7b6230

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      .rsync/a/cron.d

    • Size

      2.3MB

    • MD5

      045c62cc67de6b0112a9f61fd93db30e

    • SHA1

      8e40210894fbdf502488b137f6be3db6bf40d7f1

    • SHA256

      e74d0a1db81a6d9dcd8d7032fa5ca1e65592dee86910b1ccac36b23b246ed2e8

    • SHA512

      648673b470ab008d90d1663f9c1a00e0d9485b1dc9e975aede4bb53edc703bf184eb86a31e93ff18309af03abedfc4e50bc25cf63f0fdb10a76c268d5db1ba59

    Score
    1/10
    behavioral5

    • Target

      .rsync/a/init0

    • Size

      8KB

    • MD5

      875143129bbcd38032972f3b4fe7a520

    • SHA1

      cc0db544cea1ac1b81e454cf0136d23238cf3a3d

    • SHA256

      c07935921619b255657443b77275fd55df32a4115dbc6b93e2a7ba4b7a86ab7f

    • SHA512

      4220a53af898140863eb3640c726c8ab988695d8850956a03e97f2d6d5714fed7d0c125a0d4edbcf5b842163ac249237df5368177f0c2ac4882ac51453d93f9c

    Score
    1/10
    behavioral6behavioral7behavioral8behavioral9

    • Target

      .rsync/a/run

    • Size

      239B

    • MD5

      00328cb4a101eaca1430bba5e4f98747

    • SHA1

      38f3e410d2d39f77ef8d0ec2b0b6f3d8950ed7c7

    • SHA256

      47f57f25d1634e6535606efb26dc93eb40e287d65560fd0583e3228a8adf1d5f

    • SHA512

      ae33576f24ff913eb58de82f7a6a4004ee7faa25fc3af8d6fc2cc7352526750ce2fc26e8795bd2c4d54867c5ed7db6d01485eb82243731672193199ede224bef

    Score
    1/10
    behavioral10behavioral11behavioral12behavioral13

    • Target

      .rsync/a/stop

    • Size

      114B

    • MD5

      b726837db1e4d3a05a4749fdc7a4f9d5

    • SHA1

      793d9bb347cdc6bf99a1a6eeff2a210a6f149734

    • SHA256

      ad46ee339c92694f3d8b072b74eec325e416bbbf305803345d6fc4e787832af6

    • SHA512

      ce24fcc586b0172409352020c07bb49069fa8ffe7e4fb9c3f350c6b2f02c5a997b83dfb6ce6ac35db168434c7f68d0cd95f1ab198d25f2ee6ab9b13067a7ecc4

    Score
    1/10
    behavioral14behavioral15behavioral16behavioral17

    • Target

      .rsync/b/a

    • Size

      157B

    • MD5

      17dfec62acb9bc298bb333fbe391f486

    • SHA1

      960fdc0a9c8dd4879c96ec76f69a9dedc6ec9795

    • SHA256

      dc43fdfbb5f7e8ecc80353dcd85889c0c08483c99acbce35b3ed8f399c936920

    • SHA512

      21d49249ca656d3f6ce7a77876796590ae66d31963a6cdf65bb294ca45372e68686f8f7fd846035ed53f1155962447a8054bf2ea081e02fbb4b3fa1b6e376881

    Score
    1/10
    behavioral18behavioral19behavioral20behavioral21

    • Target

      .rsync/b/run

    • Size

      46KB

    • MD5

      716e6b533f836cee5e480a413a84645a

    • SHA1

      49e69013596fd282e8df90ca0035335537639fe8

    • SHA256

      b2469af4217d99b16a4b708aa29af0a60edeec3242078f42fa03b8eaf285d657

    • SHA512

      c5359f3fd506ed06f2b61778f89cd3048f69026e7b6e039195497a3e87228777ca3496f0a57cc3093461f0d15882f4b408200e7d972b4a12ed2761180aecd4ad

    Score
    1/10
    behavioral22behavioral23behavioral24behavioral25

    • Target

      .rsync/b/stop

    • Size

      943B

    • MD5

      7cbfd6268396ad16e1880e6d3f2e2f2e

    • SHA1

      afe69f1815ab00867789c2668aa0bf566657a850

    • SHA256

      1c42bfcfb910013ebe02adeb6127884de54ea225161d0a7347c05c2c4e6fbf49

    • SHA512

      e95a64e24d909b944f5617c4ac30eb1a106d3999473d77e3a9df889143227b87360d438b32da2108756a47c9f2499c0eed5755e1e4faae187b634a5d345f604e

    Score
    1/10
    behavioral26behavioral27behavioral28behavioral29

    • Target

      .rsync/c/go

    • Size

      396B

    • MD5

      3994503335d9fbcd31036ab1ffadb991

    • SHA1

      487e9e37399497c92f3f54c6a9aa70bc22b781bd

    • SHA256

      d08571c4ff07b1fa285262f5fc5afbe710636cebb1b43f60edc0c9f1a0d7e5c1

    • SHA512

      252af48da5467b089d62f3d80f15bb0b3bb79884b86c232c978284266f0dbcf1df8da7b8e8fb73cba8350406cc15f3bd9b9ecd6120a71566524cede08b8a603d

    Score
    1/10
    behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks