is the current name of the new strain, which mostly aims to mine the Monero cryptocurrency. In addition, this piece of malware, which contains over 1,000 lines of code, also tries to set itself up to shut down running services, hide files, and potentially steal your password.
Among the many steps it takes in rooting itself into a system, the malware tries to move itself into a folder where it has write permissions, gain root access, and escalate its own privileges using known exploits. It also adds itself to the autorun list and installs a rootkit.
As it does all this and gains more power over the system, it will try to stop any other software that may be mining cryptocurrencies, stop services and delete their files (many of which belong to antivirus solutions), and mine for Monero. The rootkit even allows it to steal passwords that users enter for the su command, so it attacks on a variety of fronts.
In addition to all of that, the virus looks for other systems to infect by checking all the servers the system has connected to via SSH and then connecting to them itself.