Linux malware analysis
Malware analysis in a "Linux" environment
Master Thesis
Author
Dervisis, Ioannis
Δερβίσης, Ιωάννης
Date
2021-03-03
Supervisor
Xenakis, Christos
Ξενάκης, Χρήστος
Abstract
The scope of this thesis is the systematic and detailed study of malware analysis in Linux environments, based on the SAMA methodology. The ENISA guidelines were consulted to create a modular laboratory capable of isolating the infected VMs and providing them with either an Internet connection or a simulated one by applying the appropriate rules. A variant of the “Skidmap” cryptomining trojan was selected as the sample to be analyzed, and extensive effort was put into reversing its code as well as studying its behavior to fully understand its intentions. Beyond its core functionality, the findings include the communication means, the servers used to deploy their next stage, the evasive techniques, and the way that those were bypassed.