MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6f2825856a5ae87face1c68ccb7f56f726073b8639a0897de77da25c8ecbeb19. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 6f2825856a5ae87face1c68ccb7f56f726073b8639a0897de77da25c8ecbeb19
SHA3-384 hash: 2f09ae7d03f369bb27e9aed480214d187162fea0bfeb69930f188cdfab6daf725709dea46610fc2a68c03981b44ec39d
SHA1 hash: ff1e87a24462391d45a0fa886eec2b33cc005480
MD5 hash: 859fbbedefc95a90d243a0a9b92d1ae9
humanhash: equal-batman-washington-stairway
File name:trace
Download: download sample
File size:6'006'304 bytes
First seen:2021-02-19 10:51:31 UTC
Last seen:Never
File type: elf
MIME type:application/x-sharedlib
ssdeep 98304:VcZkVaQU0PbnGj6j/jM8MMM8MMMMMwMMwbvUvUvkGjrGjNDA5D38wc9Lr6p4pQT7:Ri0UNFUg+GZ4+gBitno6BF
TLSH 33566D5BB6A214FCC17AC870865FD572BE3078984222797B33949B302E67F605B1DFA1
Reporter r3dbU7z
Tags:elf miner

Intelligence

File Origin
# of uploads :
1
# of downloads :
325
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
PUA.Unix.Coinminer.XMRig-6683890-0
Create hunting rule

Multios.Coinminer.Miner-6781728-2
Create hunting rule

Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/6f2825856a5ae87face1c68ccb7f56f726073b8639a0897de77da25c8ecbeb19/
Threat name:
Linux.Coinminer.BitCoinMiner
Create hunting rule
Status:
Malicious
First seen:
2020-12-25 12:47:06 UTC
AV detection:
19 of 29 (65.52%)
Threat level:
  4/5
Result
Malware family:
xmrig
Create hunting rule
Score:
  10/10
Tags:
family:xmrig linux miner
Link:
https://tria.ge/reports/210219-v1tlmxydee/
Behaviour
Writes file to tmp directory
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/6f2825856a5ae87face1c68ccb7f56f726073b8639a0897de77da25c8ecbeb19

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

elf 6f2825856a5ae87face1c68ccb7f56f726073b8639a0897de77da25c8ecbeb19

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/982704/
  
Delivery method
Distributed via web download

Comments