General
-
Target
5531f59f87bca7e0c35846051362d51de071afb8533a55a248b0af4650465a5f.elf
-
Size
918KB
-
Sample
241117-ptre8syrgt
-
MD5
70a741de589e0538307850cf036bde70
-
SHA1
a35398ef7cf835937c30f1c60d3db82f035dcb47
-
SHA256
5531f59f87bca7e0c35846051362d51de071afb8533a55a248b0af4650465a5f
-
SHA512
f4f3747b49792e217056c19d1d5add4d4b1c6aa37ef2aa7c8914d0f9f3bfcb0db22444b9879b32f4d2706537bef26577d566e8c1ad1768cc0fd5834c70d0d5b4
-
SSDEEP
12288:zRwB0BGilgQ0UrlPkui3hp4CUSpLPo7EuozpyyUbRkoXd:zRwB0jgQ0UrFkuiRp45+LPoL1k6
Static task
static1
Behavioral task
behavioral1
Sample
5531f59f87bca7e0c35846051362d51de071afb8533a55a248b0af4650465a5f.elf
Resource
ubuntu2004-amd64-20240611-en
Malware Config
Targets
-
XMRig Miner payload
-
Xmrig family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Checks hardware identifiers (DMI)
Checks DMI information, which indicates whether the system is a virtual machine.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Reads hardware information
Accesses system info like serial numbers, manufacturer names etc.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification (1)
Linux and Mac File and Directory Permissions Modification (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)