Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

xmr_linux_amd64

ubuntu-18.04-amd64

10

xmr_linux_amd64

ubuntu-20.04-amd64

10

xmr_linux_amd64

ubuntu-22.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    xmr_linux_amd64

  • Size

    8.7MB

  • Sample

    240829-fchmbswdkn

  • MD5

    aff9d4675fdb21bb30e23ab1466b5841

  • SHA1

    bed1388ccca38218fa67ac7670b0e13bf759702e

  • SHA256

    5f3e06f187c4088882133251e9ee6a03e8f11c73354af3bd6fd7c010b46e78f0

  • SHA512

    2ed958de56fa264446d7d85d36c05e693926a6bfeed6d58aeea7aa1d6f595c94b71472c75834c3edc71ffefc4c3fc59a5362e377ee93c651637d77dc20c9ecf0

  • SSDEEP

    98304:6OiwcvRyACNEbruhSGwXUEvNPHbZNcRsR:diNCKbreqv9bZNcRsR

Score
10/10
xmrigxmrig_linuxantivmevasionlinuxminer

Malware Config

Targets

    • Target

      xmr_linux_amd64

    • Size

      8.7MB

    • MD5

      aff9d4675fdb21bb30e23ab1466b5841

    • SHA1

      bed1388ccca38218fa67ac7670b0e13bf759702e

    • SHA256

      5f3e06f187c4088882133251e9ee6a03e8f11c73354af3bd6fd7c010b46e78f0

    • SHA512

      2ed958de56fa264446d7d85d36c05e693926a6bfeed6d58aeea7aa1d6f595c94b71472c75834c3edc71ffefc4c3fc59a5362e377ee93c651637d77dc20c9ecf0

    • SSDEEP

      98304:6OiwcvRyACNEbruhSGwXUEvNPHbZNcRsR:diNCKbreqv9bZNcRsR

    Score
    10/10
    xmrigantivmevasionminerxmrig_linux

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

    • Reads list of loaded kernel modules

      Reads the list of currently loaded kernel modules, possibly to detect virtual environments.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.