Backdoors and trojan horses Adylkuzz Cryptocurrency Mining Malware Detected

Adylkuzz is a cryptocurrency mining malware that is reportedly spreading by exploiting a flaw in SMB. The spreading mechanism is designed on the ETERNALBLUE exploit that was released by the Shadow Brokers.
Microsoft addressed this vulnerability under MS17-010.

QID Detection Logic (Authentication):
This authenticated detection works by checking for the presence of services and a few files that are found on an infected system.

Systems infected by this cryptocurrency mining malware will have their systems employed for mining the Monero cryptocurrency for the malware creator, consuming computing excessive resources.

Cleaning up Infected systems:
- Contact your Anti-Malware vendor to remove the infection.

Workaround:
- Apply MS17-010 and KB4012598 Microsoft patches for affected systems.
- Disable SMBv1.
- Block TCP Port 445 at the perimeter.