Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 6, 2021, 3:46 p.m.	July 6, 2021, 3:48 p.m.

Size	1.5MB
Type	gzip compressed data, last modified: Thu Jul 1 09:48:56 2021, from Unix
MD5	`bf32d6d01a0dd6802045e154b481175e`
SHA256	`7695a56e0540a2600d9882cf9e504c1b25cadb2368bee8789afa53b5c4e74809`
CRC32	`1270614C`
ssdeep	`49152:z3jc9x0CtdVaPqKo8alWs3nz/OwcsskDRAtioLFg:z3oPdlaq98Zk2/kDRALFg`
Yara	None matched

cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "ZhsRYRYnv" C:\Users\test22\AppData\Local\Temp\mod.jpg
1116

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

Lionic	Riskware.Linux.BitCoinMiner.1!c
ClamAV	Multios.Coinminer.Miner-6781728-2
CAT-QuickHeal	ELF.CoinMiner.38807.GC
Sangfor	Suspicious.Linux.Save.a
Arcabit	Trojan.Linux.Agent.HHM
Cyren	E64/CoinMiner.B.gen!Camelot
Symantec	Trojan.Gen.NPE
ESET-NOD32	a variant of Linux/CoinMiner.AV potentially unwanted
TrendMicro-HouseCall	Coinminer.Linux.MALXMR.SMDSL64
Avast	ELF:BitCoinMiner-HF [Trj]
Cynet	Malicious (score: 99)
BitDefender	Trojan.Linux.Agent.HHM
NANO-Antivirus	Riskware.Elf64.BitCoinMiner.hpbopl
MicroWorld-eScan	Trojan.Linux.Agent.HHM
F-Secure	Malware.LINUX/BitCoinMiner.jjaef
DrWeb	Tool.Linux.BtcMine.2217
TrendMicro	Coinminer.Linux.MALXMR.SMDSL64
McAfee-GW-Edition	Coinminer.json.g
FireEye	Trojan.Linux.Agent.HHM
Emsisoft	Trojan.Linux.Agent.HHM (B)
Avira	LINUX/BitCoinMiner.jjaef
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Generic.ASELF.39EC3
Microsoft	Trojan:Linux/CoinMiner.K
GData	Trojan.Linux.Agent.HHM
AhnLab-V3	Linux/CoinMiner.Gen2
McAfee	Coinminer.json.g
Rising	HackTool.MinerCfg/JSON!1.CABA (CLASSIC)
Fortinet	ELF/BitCoinMiner.HF!tr
AVG	ELF:BitCoinMiner-HF [Trj]

mod.jpg