Contains code to disable Windows Defender

A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

Modifies Windows Defender Real-time Protection settings

xmrig

XMRig is a high performance, open source, cross platform CPU/GPU miner.

XMRig Miner payload

Creates new service(s)

Drops file in Drivers directory

Stops running service(s)