xmrig | 45686202b22892494d78824ca3a35345c418f99f6d76a07165d18739d4ce6549 | Triage

Submit
Reports

Overview

overview

Static

static

45686202b2...49.elf

ubuntu-22.04-amd64

6

Resubmissions

30-06-2024 10:59

240630-m3q5qawgqg 10

30-06-2024 10:47

240630-mvxmjawfrh 10

Sharing

General

Target

45686202b22892494d78824ca3a35345c418f99f6d76a07165d18739d4ce6549.elf
Size

4.9MB
Sample

240630-m3q5qawgqg
MD5

0a57ca1f1a9f1eea4c4efb10ee5107c6
SHA1

b0b3e2ca8b29b5cb2386d33b9a3f050f1a5f24f2
SHA256

45686202b22892494d78824ca3a35345c418f99f6d76a07165d18739d4ce6549
SHA512

c52055d400f7e3d3780f8c4e18232fddf3801ac2d4f9eae99ba0c3a7abdc78be163f83149e21904d32429afbdf020c097156e2b038a5ed5d4599ea44efbd8742
SSDEEP

98304:GbvgUa4NyTar5r/DfdTGCJVJIhuSzWh5C/K5b3+9/HyMbqY:sHyTaFDtJUWh5Ft8ySqY

Score

10^/10

xmrig antivm linux miner persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

45686202b22892494d78824ca3a35345c418f99f6d76a07165d18739d4ce6549.elf

Resource

ubuntu2204-amd64-20240522.1-en

antivm persistence

ubuntu-22.04-amd64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  45686202b22892494d78824ca3a35345c418f99f6d76a07165d18739d4ce6549.elf
- Size
  
  4.9MB
- MD5
  
  0a57ca1f1a9f1eea4c4efb10ee5107c6
- SHA1
  
  b0b3e2ca8b29b5cb2386d33b9a3f050f1a5f24f2
- SHA256
  
  45686202b22892494d78824ca3a35345c418f99f6d76a07165d18739d4ce6549
- SHA512
  
  c52055d400f7e3d3780f8c4e18232fddf3801ac2d4f9eae99ba0c3a7abdc78be163f83149e21904d32429afbdf020c097156e2b038a5ed5d4599ea44efbd8742
- SSDEEP
  
  98304:GbvgUa4NyTar5r/DfdTGCJVJIhuSzWh5C/K5b3+9/HyMbqY:sHyTaFDtJUWh5Ft8ySqY
Score

6^/10

antivm persistence
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

antivmpersistence

© 2018-2024

Terms | Privacy