Malware researchers at Yoroi-Cybaze Z-Lab have discovered a P2P worm that is spreading crypto-miners in the wild. The researchers dissected this malware threat, revealing its hidden virulent nature. A quick recon revealed that the sample is actually an SFX (self-extracting) archive containing several other files. Using an SFX archive allows the attacker to hide the content of the malicious PE and significantly reduce the detection rate. After the auto-extraction, the first file run is run.vbs. Its content is minimal and redirects execution to a small batch file, installer.bat.
Source: https://securityaffairs.co/wordpress/88795/malware/p2p-worm-spreading-crypto-miners.html