MonsterInstall is a JavaScript-based and modular downloader trojan camouflaged and distributed to gaming targets in the form of game cheats via websites owned by its developers. The download is a password-protected 7zip archive containing an executable file; and upon launch, will download the requested cheats along with other trojan components. It will be added to the computer’s autorun to automatically launch after reboot. Then it will start collecting system info and send to the C&C server for further installations of updater and cryptomining modules.

Technical Details

  • Bleeping Computer provides technical analysis on MonsterInstall, here.