xmrig_linux | hxxps://github[.]com/Lachine1/xmrig-scripts/raw/main/linux[.]sh

General

Target

https://github.com/Lachine1/xmrig-scripts/raw/main/linux.sh
Sample

240706-h7hxpashkf

Score

10^/10

Malware Config

Targets

- Target
  
  https://github.com/Lachine1/xmrig-scripts/raw/main/linux.sh
Score

10^/10

xmrig_linux antivm miner
- XMRig Miner payload
  miner
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig_linux
- Executes dropped EXE
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Legitimate hosting services abused for malware hosting/C2
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

2

T1497

Credential Access

Discovery

System Information Discovery

3

T1082

Virtualization/Sandbox Evasion

2

T1497

Lateral Movement

Collection

Command and Control

Web Service

1

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

XMRig Miner payload

xmrig

Executes dropped EXE

Checks hardware identifiers (DMI)

Legitimate hosting services abused for malware hosting/C2

Reads hardware information

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1

behavioral2