CryptoMiner, WinstarNssmMiner, disguises as Media Player and infects 60,000 in one day | 360 Total Security Blog
Tags
attack-pattern: Msiexec - T1218.007 Scheduled Task - T1053.005 Software - T1592.002 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 977d4ce7-df10-4fe1-84f4-5cf20def4ee5
Fingerprint c1eb55cba9f31f8d
Analysis status DONE
Considered CTI value 0
Text language
Published July 5, 2018, 10:23 a.m.
Added to db Jan. 18, 2023, 8:09 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Blog
Title CryptoMiner, WinstarNssmMiner, disguises as Media Player and infects 60,000 in one day | 360 Total Security Blog
Detected Hints/Tags/Attributes 20/1/13
Source URLs
Redirection Url
Details Source https://blog.360totalsecurity.com/en/cryptominer-winstarnssmminer-disguises-as-media-player-and-infects-60000-in-one-day/
URL Provider
Details Provider Source level domain
Details 360totalsecurity.com blog.360totalsecurity.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
rbklong.info
Details Domain 1 
dl.acestream.org
Details File 4 
all.bat
Details File 6 
i.bat
Details File 269 
msiexec.exe
Details File 1 
rbklong.inf
Details File 1 
c:\windows\system32\2632313938.exe
Details File 1 
13938.ace
Details File 1 
2632313938.exe
Details File 1 
dl.ace
Details File 1 
28.exe
Details Url 1 
http://rbklong.info/13938.ace
Details Url 1 
http://dl.acestream.org/ace_stream_media_3.1.28.exe