xmrig | 7bc7583c91a5b3880dcb9ae735530d4990d13f67216f08dfa140f927a09c1a87 | Triage

Submit
Reports

Overview

overview

Static

static

1

kernel.sh

ubuntu-24.04-amd64

Resubmissions

13-12-2024 16:40

241213-t61lwsvjfx 10

13-12-2024 09:54

241213-lw7y8avjgx 10

Sharing

General

Target

kernel.sh
Size

3KB
Sample

241213-t61lwsvjfx
MD5

70b5ca97532b13cf5743c138d213ef1f
SHA1

55ce28f0db3d7fbd69c72d78282b06147df690f9
SHA256

7bc7583c91a5b3880dcb9ae735530d4990d13f67216f08dfa140f927a09c1a87
SHA512

253b9e6eda76101b81522d412fa394da12406997e813f1cc49dcfc57dbf6b432d64829600a2d0413a7ecfce3e6f412f4529eb4a35b278bf5fb3626fc5f7dbfa6

Score

10^/10

xmrig xmrig_linux antivm defense_evasion discovery linux miner

Static task

static1

Behavioral task

behavioral1

Sample

kernel.sh

Resource

ubuntu2404-amd64-20240523-en

xmrig xmrig_linux antivm defense_evasion discovery miner

ubuntu-24.04-amd64

16 signatures

1800 seconds

Malware Config

Targets

- Target
  
  kernel.sh
- Size
  
  3KB
- MD5
  
  70b5ca97532b13cf5743c138d213ef1f
- SHA1
  
  55ce28f0db3d7fbd69c72d78282b06147df690f9
- SHA256
  
  7bc7583c91a5b3880dcb9ae735530d4990d13f67216f08dfa140f927a09c1a87
- SHA512
  
  253b9e6eda76101b81522d412fa394da12406997e813f1cc49dcfc57dbf6b432d64829600a2d0413a7ecfce3e6f412f4529eb4a35b278bf5fb3626fc5f7dbfa6
Score

10^/10

xmrig xmrig_linux antivm defense_evasion discovery miner
- XMRig Miner payload
  miner
- Xmrig family
  xmrig
- Xmrig_linux family
  xmrig_linux
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig_linux
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Attempts to change immutable files
  Modifies inode attributes on the filesystem to allow changing of immutable files.
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrigxmrig_linuxantivmdefense_evasiondiscoveryminer

© 2018-2025

Terms | Privacy