Overview

overview

10

Static

static

10

JDaKy487ge....0.zip

ubuntu-18.04-amd64

config.json

ubuntu-18.04-amd64

xmrig

ubuntu-18.04-amd64

10

xmrig(Copy 10)

ubuntu-18.04-amd64

10

xmrig(Copy 2)

ubuntu-18.04-amd64

10

xmrig(Copy 3)

ubuntu-18.04-amd64

10

xmrig(Copy 4)

ubuntu-18.04-amd64

10

xmrig(Copy 5)

ubuntu-18.04-amd64

10

xmrig(Copy 6)

ubuntu-18.04-amd64

10

xmrig(Copy 7)

ubuntu-18.04-amd64

10

xmrig(Copy 8)

ubuntu-18.04-amd64

10

xmrig(Copy 9)

ubuntu-18.04-amd64

10

xmrig(Copy)

ubuntu-18.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JDaKy487gebjsGf63v&-6.22.0.zip

  • Size

    37.6MB

  • Sample

    241029-1vhp9ssjfm

  • MD5

    667cbdd14bb76dfe9eec3e0c66de8c3d

  • SHA1

    1fa07427e1971a04e39048061c3fd6eb4d527786

  • SHA256

    086cdc9c548b827f5261cd90859e270e3bd58c32b0cd5efb214a3ac67f68f545

  • SHA512

    3eec6906bf66f3a020269f92e48fcd18f0d20d08b331ba17eaacf173f2e93beefa9e992cad72668d2562a15bd8621cfc965eb4ecebe13caa7d67f07b2368bdcc

  • SSDEEP

    786432:FVEW9H3zVEW9H3zVEW9H3+VEW9H35VEW9H3UVEW9H3vVEW9H3aVEW9H31VEW9H3J:FVEcXzVEcXzVEcX+VEcX5VEcXUVEcXvo

Score
10/10
xmrigxmrig_linuxantivmdiscoverylinuxminer

Malware Config

Targets

    • Target

      JDaKy487gebjsGf63v&-6.22.0.zip

    • Size

      37.6MB

    • MD5

      667cbdd14bb76dfe9eec3e0c66de8c3d

    • SHA1

      1fa07427e1971a04e39048061c3fd6eb4d527786

    • SHA256

      086cdc9c548b827f5261cd90859e270e3bd58c32b0cd5efb214a3ac67f68f545

    • SHA512

      3eec6906bf66f3a020269f92e48fcd18f0d20d08b331ba17eaacf173f2e93beefa9e992cad72668d2562a15bd8621cfc965eb4ecebe13caa7d67f07b2368bdcc

    • SSDEEP

      786432:FVEW9H3zVEW9H3zVEW9H3+VEW9H35VEW9H3UVEW9H3vVEW9H3aVEW9H31VEW9H3J:FVEcXzVEcXzVEcX+VEcX5VEcXUVEcXvo

    Score
    3/10
    discovery
    behavioral1

    • Target

      config.json

    • Size

      2KB

    • MD5

      c8860ccc282e0d13c5435aa5b92678c5

    • SHA1

      48485eaaf63f656db9a6990f93a396aadf94db1c

    • SHA256

      b2a242fe5f33aae2f7570efa0dd63194c8045611c2f48d838a7a721b0c82e315

    • SHA512

      71453ee3a7f47c94c6e90273a8a3116377c0f2ad67def31b3e7a0fee61f90a1f7baadf96c64b951994d322f18eee89816ae15cfbf803168b8ebf4744c070fc9c

    Score
    1/10
    behavioral2

    • Target

      xmrig

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral3

    • Target

      xmrig(Copy 10)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral4

    • Target

      xmrig(Copy 2)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral5

    • Target

      xmrig(Copy 3)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral6

    • Target

      xmrig(Copy 4)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral7

    • Target

      xmrig(Copy 5)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral8

    • Target

      xmrig(Copy 6)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral9

    • Target

      xmrig(Copy 7)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral10

    • Target

      xmrig(Copy 8)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral11

    • Target

      xmrig(Copy 9)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral12

    • Target

      xmrig(Copy)

    • Size

      7.9MB

    • MD5

      51f989c19819a0a0625c251df6affe95

    • SHA1

      3b27c895b6f9665f9287510207bfcdcb7fe6e059

    • SHA256

      fd11982f252c060a1372e81d5be57589647052b56281a5c54975ca22164f7726

    • SHA512

      ec8ce7d1960f9ae564d5654a35e2ad108ed900f3f56b38dfe4601be0db49c1a3cd9c643307b72c2bfc0c157d2640a62343cd7377f68d29327104e0e78b4bdfbd

    • SSDEEP

      98304:XKMjbl9nPlFyVrEpdzukkzX0cEcCcons+qh3grgPEm7eXYPi1Q8l+Zjk/VA264cV:v/Fyepw7eIg+xuZNhXUVZ+5u3E3

    Score
    10/10
    xmrig_linuxantivmdiscoveryminer

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral13

MITRE ATT&CK Enterprise v15

Tasks