Malware Info

Name: Acrux
Written in: C / C++
Tags: miner, stealer

Network Info

GET /bin/sqlite.dll
GET /cmd.php?getsettings=hello
GET /cmd.php?miner=check
GET /getinfo.php?statushwid=????&status=????
GET /getinfo.php?getconfig=korozya_is_dayn
GET /getinfo.php?ftp=get
GET /getinfo.php?error=con

Files

%TEMP%\cache.temp

Commands

schtasks.exe /Create /SC MINUTE /MO 1 /TN memRun32 /TR '%ROAMING%\%RANDOM%\%RANDOM%.exe
DllHost.exe /Processid:{4D111E08-CBF7-4F12-A926-2C7920AF52FC}

Yara

Nope dude, nothing currently...

Links / Paper / Data

Nothing currently...

Samples of this malware on Haruko

One day... (before half-life 3 launch...)