Analysis
max time kernel: 133s
max time network: 130s
platform: ubuntu-22.04_amd64
resource: ubuntu2204-amd64-20240611-en
resource tags: arch:amd64, arch:i386, image:ubuntu2204-amd64-20240611-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
submitted: 27-06-2024 09:35

Behavioral tasks
task | sample | resource
behavioral1 | SRBMiner-Multi-2-5-4-Linux.tar.gz | ubuntu2204-amd64-20240611-en
behavioral2 | sample.tar | ubuntu2204-amd64-20240611-en
behavioral3 | SRBMiner-Multi-2-5-4/ReadMe.txt | ubuntu2204-amd64-20240522.1-en
behavioral4 | SRBMiner-Multi-2-5-4/SRBMiner-MULTI | ubuntu2204-amd64-20240611-en
behavioral5 | SRBMiner-Multi-2-5-4/guided-setup.sh | ubuntu2204-amd64-20240611-en
behavioral6 | SRBMiner-Multi-2-5-4/help.sh | ubuntu2204-amd64-20240611-en
behavioral7 | SRBMiner-Multi-2-5-4/list-algorithms.sh | ubuntu2204-amd64-20240522.1-en
behavioral8 | SRBMiner-Multi-2-5-4/list-gpu-devices.sh | ubuntu2204-amd64-20240611-en

General
Target: SRBMiner-Multi-2-5-4/SRBMiner-MULTI
Size: 21.9MB
MD5: a181d503df29adc73d3ee066a4040177
SHA1: 7d7cc4b8ad33d7a676ce67a2fdc79f7df32a7802
SHA256: 778c3c2ba477bb0d992423fb8b65d7e44e251aaba58ac1e5ea9c90c849436af0
SHA512: df6a69222684eab3f40a2dda9ad8908d2aea51794a15b7e02cd83fe5984e1dd9bbbcc96e43f2fa22faa102e7d93b01ae1198083d21cc74a9bf59477d5b6573fe
SSDEEP: 393216:cdNqyHrm3y3Xipw3MGnK5Zw5TlMF2jED9W6D73TgXzannBf8/sVkWmimT291QNf+:Y7q3kmjGGy5ED/DlB4Ck9s

Malware Config
Signatures

Checks hardware identifiers (DMI) [1 TTPs, 4 IoCs]
Checks DMI information which indicates whether the system is a virtual machine.
Processes: SRBMiner-MULTI
description | ioc | process
File opened for reading | /sys/devices/virtual/dmi/id/board_vendor | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/bios_vendor | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/sys_vendor | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/product_name | SRBMiner-MULTI

Reads hardware information [1 TTPs, 14 IoCs]
Accesses system info like serial numbers, manufacturer names etc.
Processes: SRBMiner-MULTI
description | ioc | process
File opened for reading | /sys/devices/virtual/dmi/id/chassis_asset_tag | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/board_asset_tag | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/product_serial | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/product_uuid | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/board_version | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/chassis_version | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/chassis_serial | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/bios_date | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/product_version | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/bios_version | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/board_serial | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/chassis_vendor | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/chassis_type | SRBMiner-MULTI
File opened for reading | /sys/devices/virtual/dmi/id/board_name | SRBMiner-MULTI

Checks CPU configuration [1 TTPs, 1 IoCs]
Checks CPU information which indicates whether the system is a virtual machine.
Processes: SRBMiner-MULTI
description | ioc | process
File opened for reading | /proc/cpuinfo | SRBMiner-MULTI

Reads CPU attributes [1 TTPs, 2 IoCs]
Processes: SRBMiner-MULTI
description | ioc | process
File opened for reading | /sys/devices/system/cpu/online | SRBMiner-MULTI
File opened for reading | /sys/devices/system/cpu/possible | SRBMiner-MULTI

Enumerates kernel/hardware configuration [1 TTPs, 51 IoCs]
Reads contents of /sys virtual filesystem to enumerate system information.

Reads runtime system information [7 IoCs]
Reads data from /proc virtual filesystem.
Processes: SRBMiner-MULTI
description | ioc | process
File opened for reading | /proc/driver/nvidia/gpus | SRBMiner-MULTI
File opened for reading | /proc/elog | SRBMiner-MULTI
File opened for reading | /proc/self/exe | SRBMiner-MULTI
File opened for reading | /proc/self/status | SRBMiner-MULTI
File opened for reading | /proc/1/cmdline | SRBMiner-MULTI
File opened for reading | /proc/mounts | SRBMiner-MULTI
File opened for reading | /proc/meminfo | SRBMiner-MULTI