General
Target: main
Size: 918KB
Sample: 241030-lnhdlayrft
MD5: 4567d8c6fc031d7e6ec7e05d7bf0875b
SHA1: 136ed52d890bc49b5dc2792d8b20511b88c24f9c
SHA256: afd21d61ab393e3ee1512b07010756c8718be56ab9fe9b0359127f1e6e306509
SHA512: 90bb019e9ea322d2d4972bf043bdc2b798b3b5c5d8d42c0641072db64dce2bbfd3d34b7ff6bbefe0d3aabbb3dd54e15e5262dca3065d87f7299f321a173d7d97
SSDEEP: 12288:qfbx0BUBiCIT+yaXkeG2eNBRvlqoQfGO26dyynbikoYAw:qfbx0xCIT+xXkeGNNB33QR8kB1
Static task: static1
Behavioral task: behavioral1
Sample: main
Resource: ubuntu2204-amd64-20240611-en
Malware Config
Targets
XMRig Miner payload

Xmrig family

Xmrig_linux family

File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.

Executes dropped EXE

Checks hardware identifiers (DMI)
Checks DMI information, which indicates whether the system is a virtual machine.

Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.

Enumerates running processes
Discovers information about currently running processes on the system.

Reads hardware information
Accesses system info such as serial numbers and manufacturer names.
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification: 1
Linux and Mac File and Directory Permissions Modification: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2