KomarMiner, a cryptomining Trojan disguising as cracking software [360totalsecurity]

by CIRT Team

Recently, 360 Security Center monitored a kind of malicious mining Trojans disguising as all kinds of commonly used cracking software for big spread. At present, it has already supported defense against killing and killing. It is recommended that users do not download various software with unknown origins. Download the software as far as possible to the official website.

Analysis
KomarMiner Trojan disguises as a variety of cracker downloaders, here are the common file names:

kirrak+party+(2018)+telugu+full+movie+watch+online.exe

SOLIDWORKS 2017 PRO CRACK FREE DOWNLOAD.EXE

TCS GSM Drivers Pack Solution 2018 Free Download.exe

9NLHMRZOMS.EXE

PAYSAFECARD+CODES+GENERATOR+2018+8211+UNLIMITED+CODE+LIST.EXE

After running the cracker, the Trojan will be downloaded to %UserProfile%\appdata\local\temp\27777.exe, and the main role of 27777.exe is to download Trojan files online.

The download address is:
http://letmecheckyou.be/build.exe

For more, click here.

CIRT Team

Recommended Posts

Training on cybersecurity awareness for Department of Women Affairs

25 Nov 2023 - Articles, English articles, News, News Clipping, Service

BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত

22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping