General

  • Target

    runok1.tar.gz

  • Size

    200B

  • Sample

    241017-aexw5svakm

  • MD5

    c8a63bda7a06ce242a0d8fd7aec24a69

  • SHA1

    52bb167fc4925f6ed7c5351fbee1600a86d47a54

  • SHA256

    9de0a0410f95d1e8d1594b7df632bfa014987e984338423ce768734862e8e6d5

  • SHA512

    131795ba12c731c0542c063942732310d61bd05c46d4327219d6f69d98bae682f8b9f03fb90e2f450b9611b315ef911150fcf113fd4b062da58b51a6aff0894b

Malware Config

Targets

    • Target

      runok1.sh

    • Size

      142B

    • MD5

      425b91f7139485fbaecc3b28a93b682e

    • SHA1

      e4407d765dd13af57948ea4baa16d81878906313

    • SHA256

      5b1099aa137f2c09e9ab16e245cb15857937b23c04b60f2a3b0f36b176237e3d

    • SHA512

      92280fa2aeef5bf43fc20a273b6d9717f7e2107eb719e6593f99bd1d1d38f3f1f97e2dce8be3c61c8e785be5a8e8292702f73ef602749eabdb808706e200e7bf

    • XMRig Miner payload

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks