Researchers have discovered a malware specimen that used Microsoft's own download service to hide. The malware was named 'f0xy' by security firm Websense and stands out, among other things, because of its use of the Microsoft Background Intelligent Transfer Service (BITS).
This service uses available bandwidth for downloading files. Many Windows services use it, including Windows Update and Windows Defender. According to the researchers, f0xy used the download service to avoid being noticed. Virus scanners would be slower to raise an alarm when they see network requests coming from BITS than they would be for an unknown .exe file. The malware itself was developed to use infected computers to mine digital currency.
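Because the download rides on a trusted service, a defender has to look at where each BITS job points rather than at which process made the request. The sketch below is an added example, not code from Websense or the article: the record field names, the host allowlist and the sample jobs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist of host suffixes for expected BITS traffic; tune per environment.
EXPECTED_SUFFIXES = ("windowsupdate.com", "microsoft.com")
RISKY_EXTENSIONS = (".exe", ".dll", ".scr", ".ps1")

# Constructed sample records (not from the article). Field names are hypothetical,
# standing in for whatever your BITS job inventory or event export provides.
SAMPLE_JOBS = [
    {"job": "WU Client Download", "owner": "NT AUTHORITY\\SYSTEM",
     "url": "http://download.windowsupdate.com/d/msdownload/update/kb.cab"},
    {"job": "updater", "owner": "WORKSTATION\\alice",
     "url": "http://files.example.net/img/logo.exe"},
    {"job": "sync", "owner": "WORKSTATION\\alice",
     "url": "http://microsoft.com.example.org/pkg.cab"},
]

def host_expected(host):
    """Match on a full label boundary so look-alike hosts do not pass."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in EXPECTED_SUFFIXES)

def triage(job):
    """Return reasons to review a job; an empty list means the host is expected."""
    parts = urlsplit(job["url"])
    host = parts.hostname or ""
    if host_expected(host):
        return []
    reasons = ["unexpected host: " + host]
    # Extra context that raises priority once the host is already unexpected.
    if parts.path.lower().endswith(RISKY_EXTENSIONS):
        reasons.append("executable payload")
    if not job["owner"].upper().startswith("NT AUTHORITY\\"):
        reasons.append("user-owned job")
    return reasons

def flag_jobs(jobs):
    """Map job name to review reasons for every job that needs a look."""
    return {j["job"]: r for j in jobs if (r := triage(j))}

if __name__ == "__main__":
    for name, reasons in flag_jobs(SAMPLE_JOBS).items():
        print(name, "->", "; ".join(reasons))
```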
Hashes: