Resubmissions

07/03/2023, 10:01

230307-l1995she94 9

07/03/2023, 06:25

230307-g65jmage3z 9

20/02/2023, 09:03

230220-kz1tmshg8x 9

General

  • Target

    xmrig.elf

  • Size

    2.6MB

  • Sample

    230307-l1995she94

  • MD5

    0451bda6456edc1440cb47a487010732

  • SHA1

    5fb5141dcabb6c8ec38f319bf164b8eabd33a1f4

  • SHA256

    0c1cceaa4b42fc3edc8d321e6e46da41539a5d16eca59c9cc0bf1178658afec8

  • SHA512

    41ea130ecf1619c72f0a08ee1baa359d4dff203a88f87e09020a5e48c8b6f26e5cab7e3a935d29e11811c70410a960ea2557f7d12eb9e5c50c434a0ef0f2d025

  • SSDEEP

    49152:aEzLFe9AlLnzzq3c/2znn250Y8lBk9Vl1NfwZ++jmcIQdgMbJ:aaLFe9AlLSnbn28e94ZV1IQdgMt

Score
9/10

Targets

    • Target

      xmrig.elf

    Score
    9/10
    • Attempts to identify hypervisor via CPU configuration

      Checks CPU information for indicators that the system is a virtual machine.

    • Reads CPU attributes

    • Enumerates kernel/hardware configuration

      Reads contents of /sys virtual filesystem to enumerate system information.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
