General

  • Target

    9b81bad2111312e669697b69b9f121a1f9519da61cd5d37689e38381c1ffad28.elf

  • Size

    1.7MB

  • Sample

    240521-rjnbyagg27

  • MD5

    44de739950eb4a8a3552b4e1987e8ec2

  • SHA1

    0ae049aab363fb8d2e164150dffbafd332725e00

  • SHA256

    9b81bad2111312e669697b69b9f121a1f9519da61cd5d37689e38381c1ffad28

  • SHA512

    92ec17d3929b16353b40b29eefb5ad1de26621a20dc1c065e7cd9f294a9763844ff8673730d00f1a255ad4d42e06a1fb3171822db59dd20c639d3ff691256a7c

  • SSDEEP

    49152:njEflQ/573nydbeONLwFCRTrgcSzNpZWPU6B:jEflQRTydb/ZwGrwzNpCB

Malware Config

Targets

    Score: 10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Modifies hosts file

      Adds entries to the hosts file, which is used for mapping hosts to IP addresses.

    • Checks hardware identifiers (DMI)

      Checks DMI information, which indicates whether the system is a virtual machine.

    • Reads hardware information

      Accesses system information such as serial numbers and manufacturer names.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Virtualization/Sandbox Evasion (T1497): 2

  • Discovery

    Virtualization/Sandbox Evasion (T1497): 2

    System Information Discovery (T1082): 3

Tasks