elf.sustes

sustes miner


Sustes malware does not infect victims by itself (it is not a worm); it is spread through exploitation and brute-force activity, with a special focus on IoT and Linux servers. The initial infection stage is a custom wget run directly on the victim machine, followed by a simple /bin/bash mr.sh. mr.sh is a simple bash script that drops and executes additional software.

References
2018-09-20, Marco Ramilli: Sustes Malware: CPU for Monero (sustes miner)

There is no Yara-Signature yet.