xmrig | 1a316d0973bb4f80adeda96a9ff52198_JaffaCakes118 | Triage

Sharing

General

Target

1a316d0973bb4f80adeda96a9ff52198_JaffaCakes118
Size

5.5MB
MD5

1a316d0973bb4f80adeda96a9ff52198
SHA1

7b6856f40a43cc7ed5ee67fca884486ef85d791c
SHA256

7a7bfa4f84e073d45b33ca6d4e5f263d31aa512d124bc6c682029f2b831c7c08
SHA512

0e254c78bcf653f773581de5b2d7f71ebd721f9940973ee9a4c5b80a243ddd859141b03fc28d8b2dce0f98d3dde2fe1b74086d8d6fa90485be84b98d64c69d4e
SSDEEP

98304:q13V3a0rqRIZ+wrvNoGRtKzIVLplxsVmHOx+IK4Wpi5WVHpC/tBYVZpaLEItyQ:q13V3HrqR4NlEzIJprsVmHUWkQJC4I

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack002/.rsync/a/anacron	xmrig

Xmrig family
xmrig

Files

1a316d0973bb4f80adeda96a9ff52198_JaffaCakes118
.gz
sample
.tar
.rsync/a/a
.sh linux
.rsync/a/anacron
.elf linux x86
.rsync/a/cron
.elf linux x64
.rsync/a/run
.sh linux
.rsync/a/stop
.sh linux
.rsync/c/go
.sh linux
.rsync/c/golan
.sh linux
.rsync/c/lib/32/libc.so.6
.elf linux x86
.rsync/c/lib/32/libdl.so.2
.elf linux x86
.rsync/c/lib/32/libnss_dns.so.2
.elf linux x86
.rsync/c/lib/32/libnss_files.so.2
.elf linux x86
.rsync/c/lib/32/libpthread.so.0
.elf linux x86
.rsync/c/lib/32/libresolv-2.23.so
.elf linux x86
.rsync/c/lib/32/libresolv.so.2
.elf linux x86
.rsync/c/lib/32/tsm
.elf linux x86
.rsync/c/lib/64/libc.so.6
.elf linux x64
.rsync/c/lib/64/libdl.so.2
.elf linux x64
.rsync/c/lib/64/libnss_dns.so.2
.elf linux x64
.rsync/c/lib/64/libnss_files.so.2
.elf linux x64
.rsync/c/lib/64/libpthread.so.0
.elf linux x64
.rsync/c/lib/64/libresolv-2.23.so
.elf linux x64
.rsync/c/lib/64/libresolv.so.2
.elf linux x64
.rsync/c/lib/64/tsm
.elf linux x64
.rsync/c/run
.sh linux
.rsync/c/slow
.sh linux
.rsync/c/start
.sh linux
.rsync/c/stop
.sh linux
.rsync/c/tsm
.sh linux
.rsync/c/tsm32
.elf linux x86
.rsync/c/tsm64
.elf linux x64
.rsync/c/watchdog
.sh linux
.rsync/init
.rsync/init2
.rsync/initall
.sh linux