Smominru is a wormable malware that spreads using the EternalBlue exploit and by brute forcing RDP, MSSQL, Telnet and other exposed services. Windows 7 and Windows Server 2008 are the most infected operating systems, representing 85 percent of all infections. 25% of infected victims were reinfected more than once, showing that machines were not being properly patched and secured after being cleaned. The researchers believe the PcShare component is used to download the Monero miners, which can then utilize all of the computer’s resources for their own mining efforts.
Source: https://www.bleepingcomputer.com/news/security/smominru-mining-botnet-in-cyber-turf-war-with-rival-malware/