xmrig_linux | cef2707760086718175235810e3e49a7bbfedce482dee09eef3d302247e97142

General

Target

cef2707760086718175235810e3e49a7bbfedce482dee09eef3d302247e97142
Size

8KB
Sample

240410-rk4qbadg8x
MD5

bcf76b649b5c6016b4071d197b1ce111
SHA1

f4bb851898a35378e6856181cb1ffc18436ed50b
SHA256

cef2707760086718175235810e3e49a7bbfedce482dee09eef3d302247e97142
SHA512

e35efea83573b47adf7464dfdb7b20b86e5f27df8aaef336947c278e48b38b9c955ce97d9583521d7a581c30b0f2a832c5e1b78f2825bb1af99948c4ed2b153e
SSDEEP

192:76l+8H8cGom5Ca3knBdVdlfb0iA98sdrUtvwZMIKopVVFoGpKueJAYdtoEDdUlpW:oAom5ChBv0irsdrUtIZMIXpLaKKueJLJ

Score

10^/10

Malware Config

Targets

- Target
  
  cef2707760086718175235810e3e49a7bbfedce482dee09eef3d302247e97142
- Size
  
  8KB
- MD5
  
  bcf76b649b5c6016b4071d197b1ce111
- SHA1
  
  f4bb851898a35378e6856181cb1ffc18436ed50b
- SHA256
  
  cef2707760086718175235810e3e49a7bbfedce482dee09eef3d302247e97142
- SHA512
  
  e35efea83573b47adf7464dfdb7b20b86e5f27df8aaef336947c278e48b38b9c955ce97d9583521d7a581c30b0f2a832c5e1b78f2825bb1af99948c4ed2b153e
- SSDEEP
  
  192:76l+8H8cGom5Ca3knBdVdlfb0iA98sdrUtvwZMIKopVVFoGpKueJAYdtoEDdUlpW:oAom5ChBv0irsdrUtIZMIXpLaKKueJLJ
Score

10^/10

xmrig_linux antivm miner
- XMRig Miner payload
  miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig_linux
- Executes dropped EXE
- Checks CPU configuration
  Checks CPU information which indicate if the system is a virtual machine.
  antivm
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Enumerates running processes
  Discovers information about currently running processes on the system
- Legitimate hosting services abused for malware hosting/C2
- Reads CPU attributes
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

2

T1497

Credential Access

Discovery

System Information Discovery

3

T1082

Virtualization/Sandbox Evasion

2

T1497

Lateral Movement

Collection

Command and Control

Web Service

1

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

XMRig Miner payload

xmrig

Executes dropped EXE

Checks CPU configuration

Checks hardware identifiers (DMI)

Enumerates running processes

Legitimate hosting services abused for malware hosting/C2

Reads CPU attributes

Reads hardware information

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4