General
-
Target
f6371d8b3bcc784017d4fbb544550873281cdc4aa4167ffac91526126d3b4e01.elf
-
Size
917KB
-
Sample
241209-djvjcsynaz
-
MD5
b61721fc2ff9db4230c2233b6b03d836
-
SHA1
612bc99ec51fc3fe97bd14a18800ccc268ab0399
-
SHA256
f6371d8b3bcc784017d4fbb544550873281cdc4aa4167ffac91526126d3b4e01
-
SHA512
36cc381527734cb0fefdebffa8c6a9015352ed6f51f77a097614f5f86e6e026b1122a1d8ce3f88e5305ba5c56c03409e2129845c245f1c8abbc850784b118d3c
-
SSDEEP
12288:0Dy10BDiAd3kxXePkui3hp4PI/Z7QrMe8cNyyUbRkoXd:0Dy10Dd3kxXakuiRp4gB7QjAk6
Static task
static1
Behavioral task
behavioral1
Sample
f6371d8b3bcc784017d4fbb544550873281cdc4aa4167ffac91526126d3b4e01.elf
Resource
ubuntu2404-amd64-20240523-en
Malware Config
Targets
-
XMRig Miner payload
-
Xmrig family
-
Xmrig_linux family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Checks hardware identifiers (DMI)
Checks DMI information, which indicates whether the system is a virtual machine.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Reads hardware information
Accesses system information such as serial numbers and manufacturer names.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification (1)
Linux and Mac File and Directory Permissions Modification (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)