ioc[.]one - OSINT Cyber Threat Intelligence Database

Pro-Ocean: Rocke Group’s New Cryptojacking Malware

Tags

country:	China
attack-pattern:	Data Cron - T1053.003 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Vulnerabilities - T1588.006 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	cfb17617-ddea-4c7f-8c4d-a8a0c822860f
Fingerprint	88241cbbeddf87c5
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 28, 2021, 2 p.m.
Added to db	Sept. 11, 2022, 12:29 p.m.
Last updated	Nov. 12, 2024, 11:49 a.m.
Headline	Pro-Ocean: Rocke Group’s New Cryptojacking Malware
Title	Pro-Ocean: Rocke Group’s New Cryptojacking Malware
Detected Hints/Tags/Attributes	57/2/24

Source URLs

	Redirection	Url
Details	Source	https://unit42.paloaltonetworks.com/pro-ocean-rocke-groups-new-cryptojacking-malware/

URL Provider

Details	Provider	Source level domain
Details	paloaltonetworks.com	unit42.paloaltonetworks.com

Attributes

Details	Type	#Events	Value
Details	CVE	10	cve-2016-3088
Details	CVE	81	cve-2017-10271
Details	Domain	117	ld.so
Details	Domain	15	ident.me
Details	Domain	1	shop.168bee.com
Details	Domain	21	pool.minexmr.com
Details	File	1	proc__scanr.py
Details	sha256	1	4ff33180d326765d92e32ec5580f54495bfcdd58a85f908a7ece8d0aedbe5597
Details	sha256	1	220c2ebacafde95ebf4af12bf0d8eedb6004edd103ecb1d6363e7eb5a3e62c01
Details	sha256	1	a81424ec81849950616f932c79db593147b8a01cc6d06d279fd05d61103abdb7
Details	sha256	1	070afdbb4c2c9e499d55cb8fbc08f98e95725b98682586d42f84fd7181eae1cb
Details	sha256	1	0a3898da2c6e31f1eed4497c4e4e3cf24138981f35cb3d190b81ba4b24ab3df0
Details	sha256	1	26a126fd5cd47b62bb5ae3116a509caf84da1ccd414e632f898aec0948cb0dbf
Details	sha256	1	37e1c05cc683bac5fe97763023a228a4ca4e0439acc94695724f67b7e0275ece
Details	sha256	1	d3e95ae2f01be948dd11157873b3c84cb3e76dea1b382bcfb2c0cb09a949497c
Details	sha256	1	713b5447a51a4b930222491a2dfb5b948a5da6860d80cd8663c99432c1e0812f
Details	sha256	1	0f7abdceae4353c4a6a8ed6b5d261df0f94c2c52709dd50d38003192492e7d3b
Details	sha256	1	bfea86bb68b51c6875d541c92bb48b38298982efbe12cf918873642235b99eeb
Details	sha256	1	575945f6f5149dc48c4a665fcab0cbdbedec1e18b887abe837ed987a7253ad02
Details	sha256	1	abb36bc19b82a026f7d70919c64ed987ebb71420b04bb848275547e99da485bd
Details	sha256	1	7888925fe143add65f2ad928a7ee4e4b864d421fde57fac0cb2b218e70fe4d31
Details	Url	1	http://shop.168bee.com
Details	Url	1	https://shop.168bee.com
Details	Url	1	http://pool.minexmr.com