Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network
Tags
cmtmf-attack-pattern: Masquerading Resource Hijacking
attack-pattern: Abuse Elevation Control Mechanism - T1626 Abuse Elevation Control Mechanism - T1548 Code Signing - T1553.002 Create Or Modify System Process - T1543 Credentials - T1589.001 Elevated Execution With Prompt - T1548.004 Elevated Execution With Prompt - T1514 File And Directory Permissions Modification - T1222 Ip Addresses - T1590.005 Launch Daemon - T1543.004 Linux And Mac File And Directory Permissions Modification - T1222.002 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Match Legitimate Name Or Location - T1036.005 Match Legitimate Name Or Location - T1655.001 Multi-Hop Proxy - T1090.003 Resource Hijacking - T1496 Server - T1583.004 Server - T1584.004 Code Signing - T1116 Connection Proxy - T1090 Launch Daemon - T1160 Masquerading - T1036 Multi-Hop Proxy - T1188 Masquerading
Show in Graph
Common Information
Type Value
UUID 0b4cef0b-1846-4160-ba20-d05cb90b197b
Fingerprint bc6511928d6f0e83
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2022, midnight
Added to db Oct. 15, 2024, 3:18 p.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network
Title Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network
Detected Hints/Tags/Attributes 63/2/24
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_ae/research/22/b/latest-mac-coinminer-utilizes-open-source-binaries-and-the-i2p-network.html
Details Source https://www.trendmicro.com/en_gb/research/22/b/latest-mac-coinminer-utilizes-open-source-binaries-and-the-i2p-network.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details Domain 2 
com.adobe.acc.network
Details Domain 4 
xmrig.com
Details Domain 4128 
github.com
Details Domain 1 
i2pd.readthedocs.io
Details File 3 
v1.pl
Details File 1 
0_osx.tar
Details File 7 
client.key
Details Github username 1 
purplei2p
Details sha256 1 
9518906dc416de6c6a5d17479244cf698b062c1d6b4425d86ee6895ce66c7c39
Details sha256 1 
cbad9d6fd5b7d2e8860735e02f3bc54b9fc0d044df508f2293a60f2741ed7a66
Details sha256 1 
cc483d9aa67048f7249f970337e329280b5ceb05053796ea44476e153e392686
Details sha256 1 
f24da6301f95432a63eb98f8954e1da6f7275b73d0bde76052d66a6d2e587df5
Details sha256 1 
42f982cde3d7aa9c5b86abe6c94119f7e4351fe84fe5ede41a1f1f2e0ab45be0
Details sha256 1 
3028436248053280a93c3bedbefa65cacaf6e805e98a9bde09d858db974aab09
Details IPv4 1441 
127.0.0.1
Details MITRE ATT&CK Techniques 8 
T1543.004
Details MITRE ATT&CK Techniques 4 
T1548.004
Details MITRE ATT&CK Techniques 107 
T1496
Details MITRE ATT&CK Techniques 48 
T1090.003
Details MITRE ATT&CK Techniques 35 
T1222.002
Details MITRE ATT&CK Techniques 183 
T1036.005
Details Url 1 
https://xmrig.com
Details Url 1 
https://github.com/purplei2p/i2pd/releases/download/2.27.0/i2pd_2.27.0_osx.tar.gz
Details Url 1 
https://i2pd.readthedocs.io/en/stable/user-guide/tunnels/#client