myxmrig[.]tgz | Triage

Submit
Reports

Overview

overview

Static

static

.systemd/.i686

ubuntu-22.04-amd64

.systemd/.run

ubuntu-18.04-amd64

.systemd/.run

debian-9-armhf

.systemd/.run

debian-9-mips

.systemd/.run

debian-9-mipsel

.systemd/.x86_64

ubuntu-24.04-amd64

.systemd/auto

ubuntu-18.04-amd64

.systemd/auto

debian-9-armhf

.systemd/auto

debian-9-mips

.systemd/auto

debian-9-mipsel

.systemd/clean

ubuntu-18.04-amd64

.systemd/clean

debian-9-armhf

.systemd/clean

debian-9-mips

.systemd/clean

debian-9-mipsel

.systemd/go

ubuntu-18.04-amd64

.systemd/go

debian-9-armhf

.systemd/go

debian-9-mips

.systemd/go

debian-9-mipsel

.systemd/ntpdate

ubuntu-18.04-amd64

.systemd/ntpdate

debian-9-armhf

.systemd/ntpdate

debian-9-mips

.systemd/ntpdate

debian-9-mipsel

.update/.i686

ubuntu-20.04-amd64

.update/.run

ubuntu-18.04-amd64

.update/.run

debian-9-armhf

.update/.run

debian-9-mips

.update/.run

debian-9-mipsel

.update/.x86_64

ubuntu-22.04-amd64

.update/auth

ubuntu-18.04-amd64

.update/auth

debian-9-armhf

.update/auth

debian-9-mips

.update/auth

debian-9-mipsel

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

1 signatures

Behavioral task

behavioral1

Sample

.systemd/.i686

Resource

ubuntu2204-amd64-20240611-en

discovery

ubuntu-22.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

.systemd/.run

Resource

ubuntu1804-amd64-20240508-en

discovery upx

ubuntu-18.04-amd64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

.systemd/.run

Resource

debian9-armhf-20240611-en

discovery

debian-9-armhf

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

.systemd/.run

Resource

debian9-mipsbe-20240729-en

discovery

debian-9-mips

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

.systemd/.run

Resource

debian9-mipsel-20240611-en

discovery

debian-9-mipsel

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

.systemd/.x86_64

Resource

ubuntu2404-amd64-20240523-en

kaiten botnet discovery

ubuntu-24.04-amd64

6 signatures

150 seconds

Behavioral task

behavioral7

Sample

.systemd/auto

Resource

ubuntu1804-amd64-20240508-en

defense_evasion execution persistence privilege_escalatio

ubuntu-18.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

.systemd/auto

Resource

debian9-armhf-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-armhf

4 signatures

150 seconds

Behavioral task

behavioral9

Sample

.systemd/auto

Resource

debian9-mipsbe-20240729-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mips

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

.systemd/auto

Resource

debian9-mipsel-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mipsel

4 signatures

150 seconds

Behavioral task

behavioral11

Sample

.systemd/clean

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

.systemd/clean

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

.systemd/clean

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

.systemd/clean

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

.systemd/go

Resource

ubuntu1804-amd64-20240729-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

.systemd/go

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

.systemd/go

Resource

debian9-mipsbe-20240729-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

.systemd/go

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

.systemd/ntpdate

Resource

ubuntu1804-amd64-20240611-en

defense_evasion discovery execution persistence privilege_escalatio upx

ubuntu-18.04-amd64

8 signatures

150 seconds

Behavioral task

behavioral20

Sample

.systemd/ntpdate

Resource

debian9-armhf-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-armhf

7 signatures

150 seconds

Behavioral task

behavioral21

Sample

.systemd/ntpdate

Resource

debian9-mipsbe-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mips

8 signatures

150 seconds

Behavioral task

behavioral22

Sample

.systemd/ntpdate

Resource

debian9-mipsel-20240418-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mipsel

8 signatures

150 seconds

Behavioral task

behavioral23

Sample

.update/.i686

Resource

ubuntu2004-amd64-20240611-en

antivm discovery execution persistence privilege_escalatio

ubuntu-20.04-amd64

11 signatures

150 seconds

Behavioral task

behavioral24

Sample

.update/.run

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

.update/.run

Resource

debian9-armhf-20240729-en

debian-9-armhf

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

.update/.run

Resource

debian9-mipsbe-20240729-en

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

.update/.run

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

.update/.x86_64

Resource

ubuntu2204-amd64-20240611-en

xmrig antivm discovery execution miner persistence privilege_escalatio

ubuntu-22.04-amd64

14 signatures

150 seconds

Behavioral task

behavioral29

Sample

.update/auth

Resource

ubuntu1804-amd64-20240508-en

discovery persistence privilege_escalation

ubuntu-18.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

.update/auth

Resource

debian9-armhf-20240611-en

discovery persistence privilege_escalation

debian-9-armhf

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

.update/auth

Resource

debian9-mipsbe-20240611-en

discovery persistence privilege_escalation

debian-9-mips

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

.update/auth

Resource

debian9-mipsel-20240729-en

discovery persistence privilege_escalation

debian-9-mipsel

3 signatures

150 seconds

General

Target

myxmrig.tgz
Size

7.7MB
MD5

2ec67d8da4b24291da6ed89c45afd347
SHA1

8b9dbae7e18f7f37dd5dfaaddbfe368afcbe9a07
SHA256

0de9266af49aab24256c289d39e86649d978d5a4c9d0ff2041a22140b88ea688
SHA512

fb487062eab467a870e012885cd95accc77d9c8d6a8e4ed010e7d7ca7669ef223d628dd984673697c3997b744ae1e80c57fd6f3a2562269171cc9d9bdaa71b1a
SSDEEP

196608:fle+4MUiVMWN1hL8jDGBz+kGkFbZHPZugY17N4OtN0CLz1O:fQ+OWN1hYioD6bpE7/pLzc

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 6 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack002/.systemd/.i686	upx
static1/unpack002/.systemd/.x86_64	upx
static1/unpack002/.update/.i686	upx
static1/unpack002/.update/.x86_64	upx
static1/unpack002/.update/pwnKey	upx
static1/unpack002/.update/upx	upx

Files

myxmrig.tgz
.gz
sample
.tar
.systemd/.i686
.elf linux x86
.systemd/.run
.sh linux
.systemd/.x86_64
.elf linux x64
.systemd/auto
.sh linux
.systemd/clean
.sh linux
.systemd/go
.sh linux
.systemd/ntpdate
.sh linux
.update/.i686
.elf linux x86
.update/.run
.sh linux
.update/.x86_64
.elf linux x64
.update/auth
.sh linux
.update/auto
.sh linux
.update/clean
.sh linux
.update/curl
.elf linux x86
.update/go
.sh linux
.update/libprocesshider.so
.elf linux x64
.update/mail
.sh linux
.update/mig
.elf linux x64
.update/ntpdate
.sh linux
.update/pwn
.sh linux
.update/pwnKey
.elf linux x64
.update/stop
.sh .ps1 linux polyglot
.update/timeout
.elf linux x64
.update/upx
.elf linux x86