xmrig | d84bcfd38f8f2a35702ed52ef90fe9bbe7f6a6fbbf2e05814ed4e137fc5730ca | Triage

Submit
Reports

Overview

overview

Static

static

xmrig-6.18.0/xmrig

ubuntu-18.04-amd64

9

Sharing

General

Target

9ed4548c8365a8598b42b202fdecc1e103b4e86f
Size

3.4MB
Sample

230103-a3ny5sbh3x
MD5

14504b9087a90bd7779cfa3477c6fda6
SHA1

9ed4548c8365a8598b42b202fdecc1e103b4e86f
SHA256

d84bcfd38f8f2a35702ed52ef90fe9bbe7f6a6fbbf2e05814ed4e137fc5730ca
SHA512

c8fb95c8baf0ac19071257723018b57546eb26ab412a7ad13c5289f8e80ce1dee7908dac2b5a5748a6104e5c785c6b7cdd1c90b6beebffdce4421bd49f6ad955
SSDEEP

49152:UDkOqS5xu9Za2WmHRz0tB+fnE/NSuOzLLzTnhe+18jTiFgjsh+GE8qQneUd4vBkA:cxu9o2VHqSK5OjzT4qpN4uJjXhK1762T

Score

10^/10

xmrig antivm linux miner

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

xmrig-6.18.0/xmrig

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  xmrig-6.18.0/xmrig
- Size
  
  8.5MB
- MD5
  
  c1e65d481af4e6d4bad74cca4e8737cb
- SHA1
  
  b3b4772f4c175590750e2dac6d62da23cc97cb07
- SHA256
  
  ca52fc8684b345ed2bd1916df7c0b9d3c22441d5b117b1a93a9868caacd032df
- SHA512
  
  deab2a4d8e90e22c5623d478fa08115aff588de782d31d3b3971f854319a2d7c6bcdbc6751fd33b9863a9443c9c27a0863629de08e5c7a6adfad334fa8b436bb
- SSDEEP
  
  196608:Nitud5lYevL8rD8cq8cgXFeyP3gbCkGduks:Nitud5lYevLY4cXcggW3gbDGdu
Score

9^/10

antivm
- Attempts to identify hypervisor via CPU configuration
  Checks CPU information for indicators that the system is a virtual machine.
  antivm
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads CPU attributes
- Enumerates kernel/hardware configuration
  Reads contents of /sys virtual filesystem to enumerate system information.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy