Overview

overview

10

Static

static

1

linux_version

ubuntu-18.04-amd64

10

linux_version

ubuntu-20.04-amd64

10

linux_version

ubuntu-22.04-amd64

10

linux_version

ubuntu-24.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    linux_version

  • Size

    6.8MB

  • Sample

    240825-yg72ws1fpd

  • MD5

    b1d7193b60e93d293689e2303cf332c9

  • SHA1

    471d23ab3012e84fd0ff81b74ea2f7c8472de20d

  • SHA256

    f649ad75749bec6ce9cd58073af60687af83a253dbf5806adac6571da0012d04

  • SHA512

    d48309be4919de0048dee291f4d49e63737364e80d873bf6ea516c4d32f5552c9350fa3364c1e1917827f78fce63a9171f735aa1bde27095fc114f1ec01cc6be

  • SSDEEP

    98304:BLgiVSwDwUC2M42EF/nQ3249addaDz+UlSQB:BLgePDwUCoo2ctqUlSQB

Score
10/10
xmrigxmrig_linuxantivmlinuxminer

Malware Config

Targets

    • Target

      linux_version

    • Size

      6.8MB

    • MD5

      b1d7193b60e93d293689e2303cf332c9

    • SHA1

      471d23ab3012e84fd0ff81b74ea2f7c8472de20d

    • SHA256

      f649ad75749bec6ce9cd58073af60687af83a253dbf5806adac6571da0012d04

    • SHA512

      d48309be4919de0048dee291f4d49e63737364e80d873bf6ea516c4d32f5552c9350fa3364c1e1917827f78fce63a9171f735aa1bde27095fc114f1ec01cc6be

    • SSDEEP

      98304:BLgiVSwDwUC2M42EF/nQ3249addaDz+UlSQB:BLgePDwUCoo2ctqUlSQB

    Score
    10/10
    xmrig_linuxantivmminerxmrig

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Legitimate hosting services abused for malware hosting/C2

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks