xmrig | 7c4ffc37b13d93d28a86f67b8881f60194b3c6bb00328503172b2c40a549ad20 | Triage

Submit
Reports

Overview

overview

Static

static

watchdog

linux_amd64

9

Sharing

General

Target

watchdog
Size

7.6MB
Sample

220523-lxd3jacgc4
MD5

ccb0e747a4302e226bf76753c177b6ef
SHA1

44cdfa426530347da8e6e2a0820cd59d5a5eb2ca
SHA256

7c4ffc37b13d93d28a86f67b8881f60194b3c6bb00328503172b2c40a549ad20
SHA512

1972023ba90711f38568fbc3e5cc67bc7bbe5af8ff29a05e5b25f85f6ac1b342e8e504751e7553987ac45f35245a2b090c9cf95a5468d32a048b2b56fc9091aa

Score

10^/10

xmrig antivm linux miner

Static task

static1

Behavioral task

behavioral1

Sample

watchdog

Resource

ubuntu1804-amd64-en-20211208

linux_amd64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  watchdog
- Size
  
  7.6MB
- MD5
  
  ccb0e747a4302e226bf76753c177b6ef
- SHA1
  
  44cdfa426530347da8e6e2a0820cd59d5a5eb2ca
- SHA256
  
  7c4ffc37b13d93d28a86f67b8881f60194b3c6bb00328503172b2c40a549ad20
- SHA512
  
  1972023ba90711f38568fbc3e5cc67bc7bbe5af8ff29a05e5b25f85f6ac1b342e8e504751e7553987ac45f35245a2b090c9cf95a5468d32a048b2b56fc9091aa
Score

9^/10

antivm
- Attempts to identify hypervisor via CPU configuration
  Checks CPU information for indicators that the system is a virtual machine.
  antivm
- Reads CPU attributes
- Enumerates kernel/hardware configuration
  Reads contents of /sys virtual filesystem to enumerate system information.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy