xmrig | 40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681 | Triage

Submit
Reports

Overview

overview

Static

static

1

40ae63b1ff...681.sh

ubuntu-18.04-amd64

6

40ae63b1ff...681.sh

debian-9-armhf

6

40ae63b1ff...681.sh

debian-9-mips

40ae63b1ff...681.sh

debian-9-mipsel

Sharing

General

Target

40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681.sh
Size

3KB
Sample

241228-cp2n7atnh1
MD5

03cfaa6e131dd4ea1c7807517d4376d6
SHA1

d21b174325a36f93d7703ea4d3b79ef0a1acca07
SHA256

40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681
SHA512

d75a5963f4e8d831d0284b927292141dde345d76ea5c15f2d448cf99f3b9175f6e3752dc68cae03a3e6f73e0046c54005593cb7305eb1e25a290be8db0dcbcd9

Score

10^/10

xmrig antivm defense_evasion discovery linux miner

Static task

static1

Behavioral task

behavioral1

Sample

40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681.sh

Resource

ubuntu1804-amd64-20240729-en

ubuntu-18.04-amd64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681.sh

Resource

debian9-armhf-20240729-en

antivm discovery

debian-9-armhf

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681.sh

Resource

debian9-mipsbe-20240611-en

xmrig defense_evasion discovery miner

debian-9-mips

11 signatures

150 seconds

Behavioral task

behavioral4

Sample

40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681.sh

Resource

debian9-mipsel-20240611-en

xmrig defense_evasion discovery miner

debian-9-mipsel

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681.sh
- Size
  
  3KB
- MD5
  
  03cfaa6e131dd4ea1c7807517d4376d6
- SHA1
  
  d21b174325a36f93d7703ea4d3b79ef0a1acca07
- SHA256
  
  40ae63b1ffcb46225bde34c0c6a8dbc8a8cca0b19755143cfe1c1ed7575bf681
- SHA512
  
  d75a5963f4e8d831d0284b927292141dde345d76ea5c15f2d448cf99f3b9175f6e3752dc68cae03a3e6f73e0046c54005593cb7305eb1e25a290be8db0dcbcd9
Score

10^/10

discovery antivm xmrig defense_evasion miner
- XMRig Miner payload
  miner
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Attempts to change immutable files
  Modifies inode attributes on the filesystem to allow changing of immutable files.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

antivmdiscovery

behavioral3

xmrigdefense_evasiondiscoveryminer

behavioral4

xmrigdefense_evasiondiscoveryminer

© 2018-2025

Terms | Privacy