Pulse Detail — Threat Intelligence

● 0 online

ANALYZING THREAT INTELLIGENCE

PULSE NAME

JbossMiner 挖矿蠕虫IOC

WHITE chuanjia_yi 2022-03-14 Modified: 2022-04-03

39

IOCs

MEDIUM VOLUME

↓ CSV ↓ JSON

JbossMiner 挖矿蠕虫IOC

windows web app开发安全应用服务中间件数据安全/隐私保护 jbossminer consumer querylanguage query select within filter linux strong systemroot path HotSpot CoinMiner

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1047

MALWARE FAMILIES

JbossMiner

Indicators of Compromise (39)

All URL domain FileHash-SHA256 hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://u.swb.one/cidir	—	2022-03-14
URL	http://u.swb.one/cracksk	—	2022-03-14
domain	enjoytopic.tk	—	2022-03-14
URL	http://emsisoft.enjoytopic.tk/Xagent.exe	—	2022-03-14
URL	http://emsisoft.enjoytopic.tk/Xagent3.exe	—	2022-03-14
URL	http://emsisoft.enjoytopic.tk/c	—	2022-03-14
URL	http://emsisoft.enjoytopic.tk/check.html	—	2022-03-14
URL	https://emsisoft.enjoytopic.tk/Xagent.exe	—	2022-03-14
URL	https://emsisoft.enjoytopic.tk/Xagent3.exe	—	2022-03-14
FileHash-SHA256	acd803399422caf7aa446e1b997a9637a0584e13b85788d7827aa712b136c3aa	—	2022-03-14
FileHash-SHA256	3ca112b89535f8f92a2e022000553851e0338e204e532e7711c04693da4f51df	—	2022-03-14
FileHash-SHA256	3d2d8fd2c15da7ac4d03436a717613316f5e6a371618d4a386d968e3ea0fc267	—	2022-03-14
FileHash-SHA256	6818f885162fc5449571b8a21f28ed3505e43a226f33cb0540f97a7277ae902d	—	2022-03-14
FileHash-SHA256	e998ac5d1115aaa6089eb459fc3b7a5f6689582adf5f7f7834b782836ad19936	—	2022-03-14
URL	http://xmr.enjoytopic.tk/12/r88.sh	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2/Xagent6.exe	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2/core.exe	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2/gd64.txt	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2/reg9.sct	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2/regxmr00.sct	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d2/xagent6.exe	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l/	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l/hawk	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l/rootv2.sh,http:/xmr.enjoytopic.tk/l2/rootv2.sh	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l2	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l2/	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l2/r88.sh	—	2022-03-14
URL	http://xmr.enjoytopic.tk/l2/rootv2.sh	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d/regxmr3.sct	—	2022-03-14
URL	http://emsisoft.enjoytopic.tk/fix.txt	—	2022-03-14
URL	http://emsisoft.enjoytopic.tk/tg3.txt	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d/ps3.txt	—	2022-03-14
URL	http://xmr.enjoytopic.tk/d/regxmr222.sct	f8bf41177a5f5e808a7ccb648b51080b031f15ca8018d91a576263d6cc626eb6	2022-03-14
hostname	cs.swb.one	—	2022-03-14
hostname	emsisoft.enjoytopic.tk	—	2022-03-14
hostname	u.swb.one	—	2022-03-14
hostname	xmr.enjoytopic.tk	—	2022-03-14

References (1)

↗ https://developer.aliyun.com/article/558034#slide-3