███████╗██╗ ██╗██╗██╗ ███╗ ███╗██╗ ██╗████████╗███████╗██╗ ██╗ ██╔════╝██║ ██║██║██║ ████╗ ████║██║ ██║╚══██╔══╝██╔════╝╚██╗██╔╝ █████╗ ██║ ██║██║██║ ██╔████╔██║██║ ██║ ██║ █████╗ ╚███╔╝ ██╔══╝ ╚██╗ ██╔╝██║██║ ██║╚██╔╝██║██║ ██║ ██║ ██╔══╝ ██╔██╗ ███████╗ ╚████╔╝ ██║███████╗ ██║ ╚═╝ ██║╚██████╔╝ ██║ ███████╗██╔╝ ██╗ ╚══════╝ ╚═══╝ ╚═╝╚══════╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝

⚠

CoinHelper

miner1 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:

CoinHelper

CATEGORY:

MINER

DESCRIPTION:

CoinHelper is a cryptocurrency mining malware that has been observed in various cybercriminal campaigns. The malware is designed to mine cryptocurrency on compromised systems without user consent, utilizing system resources for financial gain. It employs sophisticated techniques to evade detection and establish persistence.

ALIASES:

CoinHelper Miner

TAGS:

cryptocurrency_miningresource_abusecybercriminalevasion_techniquespersistence

[MUTEX_SIGNATURES](1)

[MUTEX_01]

QPRZ<digit>bWvXh

ANALYST: @adhikara13 DATE: 2024-07-16

REFERENCES:

https://decoded.avast.io/janrubin/toss-a-coin-to-your-helper/

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:

⚠Unknown

FIRST_OBSERVED:

2024

[SIGMA_RULE]

[STATISTICS]

MUTEX_COUNT:1

THREAT_ACTORS:1

ALIASES:1

TAGS:5

CATEGORY:MINER

Malware profile loaded successfully