d32b8556e6cb03b6274b1874fd3ad73ba5c5a1aacaba84def8c0f00f0d4ecea1

Resubmissions

20-03-2024 06:52

240320-hndtmabf8v 10

19-03-2024 22:55

19-03-2024 22:06

19-03-2024 22:03

19-03-2024 07:56

19-03-2024 07:27

19-03-2024 07:23

Analysis

max time kernel
0s
max time network
2703s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
19-03-2024 07:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

xmrig
Size

5.8MB
MD5

fd4de73efcd750b5d8a548a61084d33c
SHA1

bd4163c2c7f1ea909d901e93677361561263de27
SHA256

d32b8556e6cb03b6274b1874fd3ad73ba5c5a1aacaba84def8c0f00f0d4ecea1
SHA512

488950df2e40793ae89528805c87647c4639e2f3a0a50b3a733130fd95b6faf25304fdf3371f076ab1063f4cbec05510233ba1272c00bb81f78424290c7f6cb7
SSDEEP

98304:PNAvuNeDarlWPtb2aYjDAGAoQGilg7qOZkyxPEai1EzNVA2TiLVCEqs:PkOrlWsIaihCTs

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs

Web Service

T1102

flow	ioc
275	raw.githubusercontent.com
276	raw.githubusercontent.com
277	raw.githubusercontent.com
279	raw.githubusercontent.com

/tmp/xmrig
/tmp/xmrig
1⤵
PID:1464

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads