TROYANOSYVIRUS
Severity: LOW

CoinMiner

Type: Unknown

SHA256: d9108451196c9022972a0b4735a453c3af83888451302fb465754b9c1662fedf
First Capture: 3/31/2026
Last Activity: 3/31/2026
Countries: 1
Times Captured: 1
Source IPs: 1
AV Detections: 0

MalwareBazaar Intelligence

abuse.ch • Updated: 3/31/2026

Family: CoinMiner
File Type: elf (17696.0 KB)
First seen in MB: 3/5/2026
Tags: Coinminer, elf
YARA Rules (24)
ClamAV_Emotet_String_Aggregate
CP_Script_Inject_Detector (by DiegoAnalytics): Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
DetectEncryptedVariants (by Zinyth): Detects 'encrypted' in ASCII, Unicode, base64, or hex-encoded
dsc (by Aaron DeVera): Discord domains
enterpriseapps2 (by Tim Brown @timb_machine): Enterprise apps
enterpriseunix2 (by Tim Brown @timb_machine): Enterprise UNIX
Vendor Intel (7)
Triage: Detected
Kaspersky: Malware
YOROI_YOMI: Suspicious File
FileScan-IO: LIKELY_MALICIOUS
CERT-PL_MWDB: Detected
Spamhaus_HBL: Detected
ReversingLabs: MALICIOUS

Countries of Origin

Antivirus Detections (0)

No antivirus detections recorded

Source IPs

Severity

15/100 (scale: Low, Medium, High, Critical)