Examining Water Sigbin's Infection Routine Leading to an XMRig Cryptominer
===========================================================================================================

[Hash]									[Detection names]

e6e69e85962a402a35cbc5b75571dab3739c0b2f3861ba5853dbd140bae4e4da	
f4d11b36a844a68bf9718cf720984468583efa6664fc99966115a44b9a20aa33	Ransom_Blocker.R002C0XFC24
0bf87b0e65713bf35c8cf54c9fa0015fa629624fd590cb4ba941cd7cdeda8050	TROJ_FRS.VSNTFH24
b380b771c7f5c2c26750e281101873772e10c8c1a0d2a2ff0aff1912b569ab93	TROJ_FRS.0NA104FH24
2e32c5cea00f8e4c808eae806b14585e8672385df7449d2f6575927537ce8884	Trojan.MSIL.EXNET.VSNW11F24


[URL/IP address]
89[.]169[.]52[.]37	
http://87[.]121[.]105[.]232/bin.ps1	
http://79[.]110[.]49[.]232/plugin3.dll