xmrig | 7bc7583c91a5b3880dcb9ae735530d4990d13f67216f08dfa140f927a09c1a87 | Triage

Submit
Reports

Overview

overview

Static

static

1

kernel.sh

ubuntu-18.04-amd64

6

kernel.sh

debian-9-armhf

6

kernel.sh

debian-9-mips

kernel.sh

debian-9-mipsel

Resubmissions

13-12-2024 16:40

241213-t61lwsvjfx 10

13-12-2024 09:54

241213-lw7y8avjgx 10

Sharing

General

Target

kernel.sh
Size

3KB
Sample

241213-lw7y8avjgx
MD5

70b5ca97532b13cf5743c138d213ef1f
SHA1

55ce28f0db3d7fbd69c72d78282b06147df690f9
SHA256

7bc7583c91a5b3880dcb9ae735530d4990d13f67216f08dfa140f927a09c1a87
SHA512

253b9e6eda76101b81522d412fa394da12406997e813f1cc49dcfc57dbf6b432d64829600a2d0413a7ecfce3e6f412f4529eb4a35b278bf5fb3626fc5f7dbfa6

Score

10^/10

xmrig antivm defense_evasion discovery linux miner

Static task

static1

Behavioral task

behavioral1

Sample

kernel.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

kernel.sh

Resource

debian9-armhf-20240729-en

antivm discovery

debian-9-armhf

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

kernel.sh

Resource

debian9-mipsbe-20240611-en

xmrig defense_evasion discovery miner

debian-9-mips

11 signatures

150 seconds

Behavioral task

behavioral4

Sample

kernel.sh

Resource

debian9-mipsel-20240611-en

xmrig defense_evasion discovery miner

debian-9-mipsel

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  kernel.sh
- Size
  
  3KB
- MD5
  
  70b5ca97532b13cf5743c138d213ef1f
- SHA1
  
  55ce28f0db3d7fbd69c72d78282b06147df690f9
- SHA256
  
  7bc7583c91a5b3880dcb9ae735530d4990d13f67216f08dfa140f927a09c1a87
- SHA512
  
  253b9e6eda76101b81522d412fa394da12406997e813f1cc49dcfc57dbf6b432d64829600a2d0413a7ecfce3e6f412f4529eb4a35b278bf5fb3626fc5f7dbfa6
Score

10^/10

discovery antivm xmrig defense_evasion miner
- XMRig Miner payload
  miner
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Attempts to change immutable files
  Modifies inode attributes on the filesystem to allow changing of immutable files.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

antivmdiscovery

behavioral3

xmrigdefense_evasiondiscoveryminer

behavioral4

xmrigdefense_evasiondiscoveryminer

© 2018-2025

Terms | Privacy