General
-
Target
64cee920fe0de7406b82e77d2a050643.bin
-
Size
6KB
-
Sample
230607-cf2mtsgd97
-
MD5
25cfa124305c40387d9e729ba1116f91
-
SHA1
6928b8bdb74cfca68423ce8677f1c92270351b57
-
SHA256
9bbfe48dc57f2f35cb4ddedb2669ced1b6a18a1d1c711ca9b505b8fa6e84a2e1
-
SHA512
465487643a3e9cef8d3e773e91c386c9713a35e9957f99ee4f62ca087eb7d48125d38539649cc288ed31d3dab4900d9d139f7df98dee6b9d2167b787bcfa6c5a
-
SSDEEP
96:7NwYiq4pYWAZ5C/V8gymiO2gkWzZVPdOV1LiD2lg8NTuUdTweUjZHuTv/BmtbCEk:6aWCCymhxkeV8Kilg8VuWjwK/Etd9e
Malware Config
Targets
-
-
Target
3859228f749da18c65d0dab3f5efa45485967db2751a5a5ca604d06e5ff0607b.unknown
-
Size
33KB
-
MD5
64cee920fe0de7406b82e77d2a050643
-
SHA1
4b9f0472a54a14fb88b67ce15d5771ee59c634eb
-
SHA256
3859228f749da18c65d0dab3f5efa45485967db2751a5a5ca604d06e5ff0607b
-
SHA512
5bfc29d014ed5746c015cf4e3695020e66192810227edfd589ab358022df0f8d25d24cd04aa3c3650f47fe6c8fcbe3a4bf05995f484fc8a259678755e8459320
-
SSDEEP
384:aAC6+7pQwKL//OMHDf6jlpTWg3vMGQiirhv6R+wMeWGj4CC9vEKMvU/4Qdre21j/:S7LzQ5VFNcDAFLcIwgnoYq0xFBrHtguz
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Executes dropped EXE
-
Flushes firewall rules
Flushes/ disables firewall rules inside the Linux kernel.
-
Loads a kernel module
Loads a Linux kernel module, potentially to achieve persistence
-
Attempts to change immutable files
Modifies inode attributes on the filesystem to allow changing of immutable files.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Disables AppArmor
Disables AppArmor security module.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads CPU attributes
-