The rising price of cryptocurrency has caused the number of malware samples in the wild to skyrocket. DDoS attacks go hand in hand with cryptocurrency mining to increase the attackers’ revenue and profitability. Moreover, the temptation grows when an attacker has thousands of victims at their disposal.
This article presents the results of our recent research on the DirtyMoe malware. We noticed that the NuggetPhantom malware was the first version of DirtyMoe, and that PurpleFox is its exploit kit.
The DirtyMoe malware uses a simple idea to be modular, undetectable, and untrackable at the same time. The malware is aimed at cryptojacking and DDoS attacks. DirtyMoe is run as a Windows service under system-level privileges via EternalBlue and at least three other exploits. The particular functionality is controlled remotely by the malware authors, who can reconfigure thousands of DirtyMoe instances to the