ioc[.]one - OSINT Cyber Threat Intelligence Database

KomarMiner, a cryptomining Trojan disguising as cracking software, is spreading in the wild | 360 Total Security Blog

Tags

attack-pattern:

Scheduled Task - T1053.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Scheduled Task - T1053

Show in Graph

Common Information

Type	Value
UUID	f20601af-184d-4364-9d3e-73d4d0095bfa
Fingerprint	8e431d03a92d060d
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 5, 2018, 10:53 a.m.
Added to db	Jan. 18, 2023, 8:09 p.m.
Last updated	Nov. 17, 2024, 5:54 p.m.
Headline	Blog
Title	KomarMiner, a cryptomining Trojan disguising as cracking software, is spreading in the wild \| 360 Total Security Blog
Detected Hints/Tags/Attributes	16/1/15

Source URLs

	Redirection	Url
Details	Source	https://blog.360totalsecurity.com/en/komarminer-a-cryptomining-trojan-disguising-as-cracking-software-is-spreading-in-the-wild/

URL Provider

Details	Provider	Source level domain
Details	360totalsecurity.com	blog.360totalsecurity.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		letmecheckyou.be
Details	Domain	16		xmr.pool.minergate.com
Details	Domain	1174		gmail.com
Details	Email	1		oli21on21@gmail.com
Details	File	1		+telugu+full+movie+watch+online.exe
Details	File	10		download.exe
Details	File	1		9nlhmrzoms.exe
Details	File	1		paysafecard+codes+generator+2018+8211+unlimited+code+list.exe
Details	File	1		%userprofile%\appdata\local\temp\27777.exe
Details	File	1		27777.exe
Details	File	22		build.exe
Details	File	1		c:\programdata\komar.exe
Details	File	1		xactengine2_5-jipdate.exe
Details	File	1		t9eg.exe
Details	Url	1		http://letmecheckyou.be/build.exe