xmrig_linux | 25232290fa9fa5529240a4e893ce206dfdcfc28d0b3a1b89389f7270f1046822 | Triage

Submit
Reports

Overview

overview

Static

static

1

CrazyShit.py

ubuntu-18.04-amd64

Resubmissions

02-01-2025 21:12

250102-z2cbdswkby 10

02-01-2025 13:20

250102-qlg29stjex 10

14-07-2023 16:40

230714-t6vewafd24 1

14-07-2023 16:39

230714-t5z9qsgc2x 1

Sharing

General

Target

CrazyShit.py
Size

3.8MB
Sample

250102-qlg29stjex
MD5

fec5b820594579f1088db47583d2c62d
SHA1

d422493b47e4798717f2b05a482c97ef9e6b74b9
SHA256

25232290fa9fa5529240a4e893ce206dfdcfc28d0b3a1b89389f7270f1046822
SHA512

4b83dae727bfeab8f83b47155b115c48a921a96cfddc4deaf45b058d9eb4d2d913ce448295bf500ce7cdc22b8ddd2350c168203c8e0a1f36c066bac2efeb0a3d
SSDEEP

49152:AAqGlolDoEcL6ejEKJKQR868tsm94lTdWxYsstZ0cXWhldu4Ps+jj7fBoT:/

Score

10^/10

xmrig_linux antivm discovery execution linux miner

Static task

static1

Behavioral task

behavioral1

Sample

CrazyShit.py

Resource

ubuntu1804-amd64-20240611-en

xmrig_linux antivm discovery execution miner

ubuntu-18.04-amd64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  CrazyShit.py
- Size
  
  3.8MB
- MD5
  
  fec5b820594579f1088db47583d2c62d
- SHA1
  
  d422493b47e4798717f2b05a482c97ef9e6b74b9
- SHA256
  
  25232290fa9fa5529240a4e893ce206dfdcfc28d0b3a1b89389f7270f1046822
- SHA512
  
  4b83dae727bfeab8f83b47155b115c48a921a96cfddc4deaf45b058d9eb4d2d913ce448295bf500ce7cdc22b8ddd2350c168203c8e0a1f36c066bac2efeb0a3d
- SSDEEP
  
  49152:AAqGlolDoEcL6ejEKJKQR868tsm94lTdWxYsstZ0cXWhldu4Ps+jj7fBoT:/
Score

10^/10

xmrig_linux antivm discovery execution miner
- Xmrig_linux family
  xmrig_linux
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig_linux
- Runs EXE from memory
  Runs an executable from memory, likely to minimize footprint
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Python

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xmrig_linuxantivmdiscoveryexecutionminer

© 2018-2025

Terms | Privacy