Overview

overview

10

Static

static

7

.xxz/h32

ubuntu-20.04-amd64

.xxz/h64

ubuntu-20.04-amd64

1

.xxz/md

ubuntu-20.04-amd64

10

.xxz/run

ubuntu-18.04-amd64

3

.xxz/run

debian-9-armhf

1

.xxz/run

debian-9-mips

.xxz/run

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    52a7a58ecb963aa34792eeaa16c91a1a_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240518-cynhxsgb3t

  • MD5

    52a7a58ecb963aa34792eeaa16c91a1a

  • SHA1

    4c0d70598800801b4a61b5da5ccf7ff22353e68a

  • SHA256

    7f954e17f1f1e3c3def4cbd85acf8b77b0f1911a9b8ced2eb21b7ec6b0ca1826

  • SHA512

    331431c30e7a4fdba1d8e100ed92fa57f888ad422c24d5281f3ff37b7821d7fd8f485666a54d5bc920f028a5241d127386a76fb9f47953f4a30f5e8ea1e9c9c5

  • SSDEEP

    49152:oavLG9eu/7aHo+G6yPWMS1p2jyXapKQ3VwE:hz27+orHOMS1URpF32E

Score
10/10
xmrigantivmlinuxminerupx

Malware Config

Targets

    • Target

      .xxz/h32

    • Size

      14KB

    • MD5

      0d01bd11d1d3e7676613aacb109de55f

    • SHA1

      317f1a5ac392476d32920eeba5d5d5539ea0be2b

    • SHA256

      45ed59d5b27d22567d91a65623d3b7f11726f55b497c383bc2d8d330e5e17161

    • SHA512

      433450c6c4fbf2a9ea7eda816f872283ef548e7c8b35c22c8250d0a2d06f9cda862d64f1de799d635c1541ef7e5650548a7a9a6d3b8e64667dcdb7c471271b58

    • SSDEEP

      192:fjU408Q7akapzlalhJYu4/c0B+4BIEQ1iZcXtCE7hwfn:fjo8QmDpp+MVZYti

    Score
    1/10
    behavioral1

    • Target

      .xxz/h64

    • Size

      818KB

    • MD5

      c644c04bce21dacdeb1e6c14c081e359

    • SHA1

      59f5b21ef8a570c02453b5edb0e750a42a1382f6

    • SHA256

      7fe9d6d8b9390020862ca7dc9e69c1e2b676db5898e4bfad51d66250e9af3eaf

    • SHA512

      0748de2583e3fd33a19b1180875a9e3991b1d5ac403152b65c247a701cf00c70b3ee87e5518e8d9f5102317647a45ed60f7e139c40b88c5396b76aba7d82f076

    • SSDEEP

      12288:Vui9LWdJeS1cm27VCabT/BrVSr5oWOy7jaZH/QQwK54k2QPPVi97ATmsh1FjR8k:VumLWdJeS1cm27VtyXawuKQ3VwAiS1v

    Score
    1/10
    behavioral2

    • Target

      .xxz/md

    • Size

      713KB

    • MD5

      5f507221b1a259751e76aa7f4276c3f5

    • SHA1

      0f5b70e88f0f42a061e6a8c4bc8c10b851a7fde7

    • SHA256

      ee7ba15bae03a8095e0bf432a2f2674f2e78085258f64c137d2ad22bd96815a7

    • SHA512

      5cd21f257152a91a45dd00bd5f80b2a61f454f940eab2c66d8d866a136a9725091a7a16452c5870a949d09f35902f6d32204cc70536e2c21cdd9452e8dffe878

    • SSDEEP

      12288:OK/8PZBb3Lr2XnYLW0lcIyme6fu7f9su7zz4LO4jDx9f7uj+c/j6/Cy0IoSI:OKafnlW0G96fu5su7aVto+G6yH

    Score
    10/10
    xmrigantivmminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner
    behavioral3

    • Target

      .xxz/run

    • Size

      495B

    • MD5

      dfc728a7c269d566af9049b916fb7289

    • SHA1

      2f6b58bb8e2f3a84841c278922aff076ef1c191d

    • SHA256

      77ad3f8ab8742bcbe204136eb2c49f435d582be9c5a05287b527944f33549a28

    • SHA512

      6c05f0bb3122bdd22eae397f6b1788f4eabc28dec94818c83f4da90763a967af9c4891dc04f6cfd2732b85e2d82dda1817476aadcab1ddabed6a4321844665e6

    Score
    3/10
    behavioral4behavioral5behavioral6behavioral7

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks