Rewterz

CoinMiner Malware – Active IOCs

Severity

High

Analysis Summary

CoinMiner is malware designed to covertly mine cryptocurrencies, such as Bitcoin, on infected computers. It typically spreads through email attachments, malicious websites, or software downloads, and can infect both personal and business computers.

Once installed, CoinMiner uses the computer's processing power to perform the computations that cryptocurrency mining requires, earning cryptocurrency for the malware's operators. This can slow the infected computer down and cause it to overheat, potentially damaging the hardware.

CoinMiner malware is often difficult to detect because it is designed to run quietly in the background without drawing attention to itself. However, there are some signs that your computer may be infected with CoinMiner malware, including:

  • Sluggish performance
  • Increased CPU usage
  • Overheating
  • Fans running at a high speed
  • Increased electricity bills

To prevent CoinMiner malware and other types of malware from infecting your computer, it's important to keep your operating system and antivirus software up to date, avoid downloading software or opening email attachments from unknown sources, and be cautious when visiting unfamiliar websites.

Impact

  • Financial Loss
  • Hardware Damage
  • Data Loss

Indicators of Compromise


Remediation

  • Block all threat indicators at your respective controls.
  • Search for indicators of compromise (IOCs) in your environment utilizing your respective security controls.
  • Patch and upgrade platforms and software promptly, and make this a standard security policy. Prioritize patching known exploited vulnerabilities and zero-days.
  • Along with network and system hardening, implement code hardening within the organization so that its websites and software are secure. Use testing tools to detect vulnerabilities in deployed code.
  • Maintain cyber hygiene by updating your anti-virus software and implementing a patch management lifecycle.
  • Users can also consider using ad-blockers and disabling JavaScript in their web browsers to reduce the risk of drive-by downloads of CoinMiner malware.
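The IOC search in the remediation list above, as an added example that is not part of the Rewterz advisory: a Python sweep that hashes every file under a directory once and matches the MD5, SHA-1 and SHA-256 digests against indicator sets. The demo() run uses a constructed sample file and seeds the indicator set with that file's own digest; in practice you would load the advisory's hash lists into load_iocs().

```python
import hashlib
import tempfile
from pathlib import Path

ALGORITHMS = ("md5", "sha1", "sha256")  # the digest types this advisory lists


def load_iocs(md5=(), sha1=(), sha256=()):
    """Normalise indicator lists into lowercase hex sets keyed by algorithm."""
    return {"md5": {h.strip().lower() for h in md5},
            "sha1": {h.strip().lower() for h in sha1},
            "sha256": {h.strip().lower() for h in sha256}}


def hash_file(path, chunk_size=1 << 20):
    """Compute all three digests in a single pass so large files are read only once."""
    # usedforsecurity=False keeps MD5/SHA-1 available on FIPS-restricted builds;
    # they are used here only for indicator matching, not as integrity guarantees.
    hashers = {name: hashlib.new(name, usedforsecurity=False) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def sweep(root, iocs):
    """Return (path, algorithm, digest) for every file under root matching an IOC."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        try:
            digests = hash_file(path)
        except OSError:
            continue  # unreadable or vanished file: skip it rather than abort the sweep
        for algo, digest in digests.items():
            if digest in iocs[algo]:
                hits.append((str(path), algo, digest))
    return hits


def demo():
    """Run the sweep on a constructed sample; returns (hits, sample_sha256)."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "constructed_sample.bin"
        sample.write_bytes(b"constructed sample, not a real CoinMiner binary")
        (Path(tmp) / "benign.txt").write_bytes(b"unrelated file")
        expected = hash_file(sample)["sha256"]
        # Seed the IOC set with the sample's own SHA-256 (a real sweep loads the advisory's lists).
        return sweep(tmp, load_iocs(sha256=[expected])), expected
```

A hash match only catches the exact samples listed; recompiled or repacked miners will not match, so treat a clean sweep as absence of these specific indicators, not absence of infection.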