xmrig

Sharing

General

Target

runnb.sh
Size

213B
Sample

241030-h3gh3azmgm
MD5

a1189543e2f98f6696c6d857b899ab0a
SHA1

30b167128357a05cb5ae4d8bd386d63839d99c4d
SHA256

a5951456684af2a46da1bcd8c820221c97b13a439db465c2b671fa3180d838d6
SHA512

472e7cd110beb4c0ff9990763988190c875dccecc726753e295d4419413bfd14ed867a9a5977adf2d6e87d6e80f18abbdd0a929473f02bbfb24e1531e71d7aef

Score

10^/10

Malware Config

Targets

- Target
  
  runnb.sh
- Size
  
  213B
- MD5
  
  a1189543e2f98f6696c6d857b899ab0a
- SHA1
  
  30b167128357a05cb5ae4d8bd386d63839d99c4d
- SHA256
  
  a5951456684af2a46da1bcd8c820221c97b13a439db465c2b671fa3180d838d6
- SHA512
  
  472e7cd110beb4c0ff9990763988190c875dccecc726753e295d4419413bfd14ed867a9a5977adf2d6e87d6e80f18abbdd0a929473f02bbfb24e1531e71d7aef
Score

10^/10

xmrig xmrig_linux antivm credential_access defense_evasion discovery miner privilege_escalation execution persistence
- XMRig Miner payload
  miner
- Xmrig family
  xmrig
- Xmrig_linux family
  xmrig_linux
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig_linux
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- OS Credential Dumping
  Adversaries may attempt to dump credentials to use it in password cracking.
  credential_access
- Abuse Elevation Control Mechanism: Sudo and Sudo Caching
  Abuse sudo or cached sudo credentials to execute code.
  privilege_escalation defense_evasion
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Checks mountinfo of local process
  Checks mountinfo of running processes which indicate if it is running in chroot jail.
  antivm
- Deletes log files
  Deletes log files on the system.
  defense_evasion
- Legitimate hosting services abused for malware hosting/C2
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
  discovery
- Write file to user bin folder
  persistence
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5 behavioral6 behavioral7 behavioral8 behavioral9