Gridinsoft Logo

Nhm_windows_3.1.1.0.exe Risk CoinMiner Analysis

Risk CoinMiner
Updated on 2024-05-12 (8 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.175.174
DB Version: 2024-05-12 17:00:36

Risk.Win32.CoinMiner.dd!n

CoinMiner is a type of malware that harnesses the victim's computer resources, primarily CPU and RAM, to engage in cryptocurrency mining, such as for Monero or Zcash. This malware establishes persistence by integrating an open-source mining tool into the system's startup routine without the user's consent. Advanced coin miners often employ techniques like timer configurations or CPU usage limits to operate discreetly and avoid detection.

File nhm_windows_3.1.1.0.exe
Checked 2024-05-12 14:25:28
MD5 f8150f79dc9ff6bd7d6125833d40fd4d
SHA1 45d57406663dbb82f77e2cbe113f477585dae2ed
SHA256 0135aafc6a99a21d8bd2e890f91addf37a2702f0caa8863708a90825c44c9fc6
SHA512 911a75e018f43880cc07ccc3817406de7050183868793f4862d729d6e6bc0b3576e68bf4a4d67caf8a18d51c0b7f6a2ce251d8213923543b98d7e4c3157ace52
Imphash 56a78d55f3f7af51443e58e0ce2fb5f6
File Size 62301656 bytes

Risk.Win32.CoinMiner.dd!n Removal

Risk.Win32.CoinMiner.dd!n Removal

Gridinsoft has the capability to identify and eliminate Risk.Win32.CoinMiner.dd!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

CompanyName H-BIT, d.o.o.
FileDescription NiceHash Miner is a simple to use mining tool
FileVersion 3.1.1.0
LegalCopyright H-BIT, d.o.o. © 2022
LegalTrademarks NICEHASH ®
ProductName NiceHash Miner
Translation 0x0409 0x04b0

Portable Executable Info

6fdaf3a9bca4de463eeac0a36abf223f
1745eceb33305abb4e2557bad179b489
e0c4ecc44ce0f0e8
Image Base: 0x00400000
Entry Point: 0x0040352d
Compilation: 2021-09-25 21:57:46
Checksum: 0x03b7193b (Actual: 0x03b7193b)
OS Version: 4.0
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Sign: OK
Sections: 5
Imports: ADVAPI32, SHELL32, ole32, COMCTL32, USER32, GDI32, KERNEL32,
Exports: 0
Resources: 11

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x00006897 0x00006a00 ce9df19df15aa7bfbc0a8d0af0b841d0 6.46
.rdata 0x00008000 0x000014a6 0x00001600 a118375c929d970903c1204233b7583d 5.02
.data 0x0000a000 0x0002b018 0x00000600 82a10c59a8679bb952fc8316070b8a6c 4.15
.ndata 0x00036000 0x0002b000 0x00000000 d41d8cd98f00b204e9800998ecf8427e 0.00
.rsrc 0x00061000 0x00046948 0x00046a00 bb6f6f4b1cdf1e2f2e5c9a21ca7a5b25 3.71

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware