Overview

overview

10

Static

static

1

ubuntu.sh

ubuntu-18.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ubuntu.sh

  • Size

    688B

  • Sample

    250328-g8m3cssxgv

  • MD5

    a0d07e8a86f676c2511c4e008deaea27

  • SHA1

    4f582683227853859f13025335f1be7143657d6b

  • SHA256

    7ffdeaf987f3fb3f197f59c6b892ade5eabbc5589ca1271168fc5aa98a2254e7

  • SHA512

    3f348424374d720321777aada9f9269372427019d8b72159b4393f06756612f3136b1fe8881681d027f1268167625d71bc87bc5d170359d4fc42fb7e873b1cc4

Score
10/10
xmrigxmrig_linuxdefense_evasiondiscoverylinuxminerprivilege_escalation

Malware Config

Targets

    • Target

      ubuntu.sh

    • Size

      688B

    • MD5

      a0d07e8a86f676c2511c4e008deaea27

    • SHA1

      4f582683227853859f13025335f1be7143657d6b

    • SHA256

      7ffdeaf987f3fb3f197f59c6b892ade5eabbc5589ca1271168fc5aa98a2254e7

    • SHA512

      3f348424374d720321777aada9f9269372427019d8b72159b4393f06756612f3136b1fe8881681d027f1268167625d71bc87bc5d170359d4fc42fb7e873b1cc4

    Score
    10/10
    xmrigxmrig_linuxdefense_evasiondiscoveryminerprivilege_escalation

    • XMRig Miner payload

      miner

    • Xmrig family

      xmrig

    • Xmrig_linux family

      xmrig_linux

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig_linux

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Abuse Elevation Control Mechanism: Sudo and Sudo Caching

      Abuse sudo or cached sudo credentials to execute code.

      privilege_escalationdefense_evasion
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks