Home
Attack
Dataset
Contact Us
Attack
2024 01
T1-24–01–S–N–CL
T2-24–01–S–N–CL
T3-24–01–S–N–CL
T4-24–01–S–E–M
T5-24–01–S–E–LM
T6-24–01–S–E–FH
T7-24–01–M–NE–CLM
T8-24–01–M–NE–CFHL
T9-24–01–M–NE–CLM
2024 02
T1-24–02–S–N–CIKM
T2-24–02–S–N–CL
T3-24–02–S–N–CL
T4-24-02-S-E-M
T5-24-02-S-E-DL
T6-24-02-S-E-DEGN
T7-24-02-M-NE-CDEGLN
T8-24-02-M-NE-CDL
T9-24-02-M-NE-CLH
Dataset
Contact Us
T5-24-01-S-E-LM
Cryptojacking (XMRig Miner)
XMRig is an open-source, computer resource-utilizing cryptocurrency miner that utilizes the resources of an infected PC to mine the attacker's cryptocurrency for financial gain. Infected PCs may experience a decrease in PC performance due to the unintentional running of the miner.
1. Communicate with the C&C server via script
2. Download and run XMRing Miner
3. Mine cryptocurrency using PC resources
OS
IP
Software
Log collection
time
Program
runtime
Attacker
-
-
-
22 sec
80 sec
Victim
Ubuntu 20.04.1
10.0.2.15
-
Installing
python3 -m pip install -r requirements.txt
Using
python3 run.py
MITRE ATT&CK Framework
Attack Tactic
Reconnaissance
Resource Development
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential
Discovery
Lateral Movement
Collection
Command and Control
Exfiltration
Impact
Logs
./log/2024_01_T5_{time}.log # YYmmdd_HHMMSS
References
[1]
XMRig [https://xmrig.com/]
[2]
VirusTotal [ed8fe6eb98c8a487c631dee11ddbe11c322e446666280f7b97844d259fdb10f5]
※ Click on the attack name to see a description and scenario for the attack
2024 01
T1-24–01–S–N–CL
T2-24–01–S–N–CL
T3-24–01–S–N–CL
T4-24–01–S–E–M
T5-24–01–S–E–LM
T6-24–01–S–E–FH
T7-24–01–M–NE–CLM
T8-24–01–M–NE–CFHL
T9-24–01–M–NE–CLM
Copyright(C) 2024, KAIST Cyber Security Reserch Center. All Rights Reserved.
