d32b8556e6cb03b6274b1874fd3ad73ba5c5a1aacaba84def8c0f00f0d4ecea1

Resubmissions

20/03/2024, 06:52

240320-hndtmabf8v 10

19/03/2024, 22:55

19/03/2024, 22:06

19/03/2024, 22:03

19/03/2024, 07:56

19/03/2024, 07:27

19/03/2024, 07:23

Analysis

max time kernel
0s
max time network
1044s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
19/03/2024, 07:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

xmrig
Size

5.8MB
MD5

fd4de73efcd750b5d8a548a61084d33c
SHA1

bd4163c2c7f1ea909d901e93677361561263de27
SHA256

d32b8556e6cb03b6274b1874fd3ad73ba5c5a1aacaba84def8c0f00f0d4ecea1
SHA512

488950df2e40793ae89528805c87647c4639e2f3a0a50b3a733130fd95b6faf25304fdf3371f076ab1063f4cbec05510233ba1272c00bb81f78424290c7f6cb7
SSDEEP

98304:PNAvuNeDarlWPtb2aYjDAGAoQGilg7qOZkyxPEai1EzNVA2TiLVCEqs:PkOrlWsIaihCTs

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 13 IoCs

Web Service

T1102

flow	ioc
227	raw.githubusercontent.com
229	raw.githubusercontent.com
262	camo.githubusercontent.com
289	raw.githubusercontent.com
220	camo.githubusercontent.com
224	raw.githubusercontent.com
288	raw.githubusercontent.com
226	raw.githubusercontent.com
234	camo.githubusercontent.com
221	camo.githubusercontent.com
225	raw.githubusercontent.com
228	raw.githubusercontent.com
235	camo.githubusercontent.com

/tmp/xmrig
/tmp/xmrig
1⤵
PID:1577

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads