A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #31911  by r0ny
 Thu Jul 26, 2018 2:54 pm
Symbiosis of PowerShell and EternalBlue for cryptocurrency mining


ref: https://securelist.com/a-mining-multitool/86950/

PowerGhost is an obfuscated PowerShell script that contains the core code and the following add-on modules: the actual miner, mimikatz, the libraries msvcp120.dll and msvcr120.dll required for the miner’s operation, a module for reflective PE injection and a shellcode for the EternalBlue exploit.