Reverse Engineering a Cryptocurrency Miner Using Heaven’s Gate Injection
Cryptocurrency miners are the new trend for malware in 2018. While they aren’t as harmful as ransomware or RATs, they cause major performance headaches for administrators. Miners are usually built using the same open-source technologies, but occasionally one uses a new or interesting technique. This specific malware performs 64-bit process injection from a 32-bit process, a technique released in 2010 known as Heaven’s Gate. The attached report is a brief summary of reverse engineering the miner.