General
Target: ee2a1838344c1b22dcea81766204f3692A.sh
Size: 6KB
Sample: 241104-x5evksvmfx
MD5: 5e2f203cb513bf4b210ac61b009df327
SHA1: c77e72660d9034fe26137b040a3f073b7725d233
SHA256: 07f9edc6e718ebcbead64e0a2afda717f9296e76a2a5654c2b50ad7e76cd4106
SHA512: 7a3519c73104a327731dfa3a8507b72ea95d77f6eb8980bb072aad98c6955f11961d9716cb587cd8173fd9aa359158b91d6d59262cda496b80b32a822acd3247
SSDEEP: 192:4prsOPBNttuJzzCdEifVHsmVHyC3Kx7OW81nFZBh2A7o7oNcoTuwFoFxuF0y:esOPBNttuJzzC3VHsmVHyCax7M1nFZBV
Static task: static1
Behavioral task: behavioral1
Sample: ee2a1838344c1b22dcea81766204f3692A.sh
Resource: ubuntu2404-amd64-20240523-en
Malware Config
Targets
Target: ee2a1838344c1b22dcea81766204f3692A.sh
- Xmrig_linux family
- Executes dropped EXE
- OS Credential Dumping
  Adversaries may attempt to dump credentials to use them in password cracking.
- Abuse Elevation Control Mechanism: Sudo and Sudo Caching
  Abuses sudo or cached sudo credentials to execute code.
- Checks hardware identifiers (DMI)
  Checks DMI information that indicates whether the system is a virtual machine.
- Enumerates running processes
  Discovers information about currently running processes on the system.
- Reads hardware information
  Accesses system info such as serial numbers and manufacturer names.
MITRE ATT&CK Enterprise v15
Defense Evasion
- Abuse Elevation Control Mechanism (1)
  - Sudo and Sudo Caching (1)
- Virtualization/Sandbox Evasion (2)
  - System Checks (2)