Hidden Bee is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions. Hidden Bee runs silentlyonly increased processor usage can hint that the system is infected. The loader is not packed by any crypter, but the loader is un-packed by the C&C. The payloads are injected into several applications, such as.svchost.exe, msdtc, dllhost.exe and WmiPrvSE.exe.”]
Source: https://blog.malwarebytes.com/threat-analysis/2019/05/hidden-bee-lets-go-down-the-rabbit-hole/