Overview

overview

10

Static

static

1

sshd

ubuntu-24.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sshd

  • Size

    587B

  • Sample

    250118-z4tcpavlax

  • MD5

    7985d488c7e958843f3275a79e21b071

  • SHA1

    0e133a293963b8e7a63a3d1b62b94e503c5a2d8b

  • SHA256

    f1477f3ecd66541d99201a6d6ceb4b8db7c64e1dd3634d4484da252c42b607de

  • SHA512

    17ab16adac05b7de63a1d3cdc625281bdbaa3da6e4574c405da721c78b378801d142eda0a2e65a06057ee991a7d6de6d0626aac1ccebda2896687fc52ec0b3de

Score
10/10
xmrigxmrig_linuxantivmcredential_accessdefense_evasiondiscoverylinuxminerprivilege_escalation

Malware Config

Targets

    • Target

      sshd

    • Size

      587B

    • MD5

      7985d488c7e958843f3275a79e21b071

    • SHA1

      0e133a293963b8e7a63a3d1b62b94e503c5a2d8b

    • SHA256

      f1477f3ecd66541d99201a6d6ceb4b8db7c64e1dd3634d4484da252c42b607de

    • SHA512

      17ab16adac05b7de63a1d3cdc625281bdbaa3da6e4574c405da721c78b378801d142eda0a2e65a06057ee991a7d6de6d0626aac1ccebda2896687fc52ec0b3de

    Score
    10/10
    xmrigxmrig_linuxantivmcredential_accessdefense_evasiondiscoveryminerprivilege_escalation

    • XMRig Miner payload

      miner

    • Xmrig family

      xmrig

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • OS Credential Dumping

      Adversaries may attempt to dump credentials to use it in password cracking.

      credential_access

    • Abuse Elevation Control Mechanism: Sudo and Sudo Caching

      Abuse sudo or cached sudo credentials to execute code.

      privilege_escalationdefense_evasion

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks