General

  • Target

    linux_version

  • Size

    6.8MB

  • Sample

    240825-yg72ws1fpd

  • MD5

    b1d7193b60e93d293689e2303cf332c9

  • SHA1

    471d23ab3012e84fd0ff81b74ea2f7c8472de20d

  • SHA256

    f649ad75749bec6ce9cd58073af60687af83a253dbf5806adac6571da0012d04

  • SHA512

    d48309be4919de0048dee291f4d49e63737364e80d873bf6ea516c4d32f5552c9350fa3364c1e1917827f78fce63a9171f735aa1bde27095fc114f1ec01cc6be

  • SSDEEP

    98304:BLgiVSwDwUC2M42EF/nQ3249addaDz+UlSQB:BLgePDwUCoo2ctqUlSQB

Malware Config

Targets

    • Target

      linux_version

    • Size

      6.8MB

    • MD5

      b1d7193b60e93d293689e2303cf332c9

    • SHA1

      471d23ab3012e84fd0ff81b74ea2f7c8472de20d

    • SHA256

      f649ad75749bec6ce9cd58073af60687af83a253dbf5806adac6571da0012d04

    • SHA512

      d48309be4919de0048dee291f4d49e63737364e80d873bf6ea516c4d32f5552c9350fa3364c1e1917827f78fce63a9171f735aa1bde27095fc114f1ec01cc6be

    • SSDEEP

      98304:BLgiVSwDwUC2M42EF/nQ3249addaDz+UlSQB:BLgePDwUCoo2ctqUlSQB

    • XMRig Miner payload

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • Executes dropped EXE

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

    • Legitimate hosting services abused for malware hosting/C2

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

MITRE ATT&CK Enterprise v15

Tasks