Gridinsoft Logo

Keygen_For_Fake_2021_11_by_ReverseCodez.exe Trojan CoinMiner Analysis

Trojan CoinMiner
Updated on 2024-08-04 (4 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.183.174
DB Version: 2024-08-04 02:00:27

Trojan.Win32.CoinMiner.ns

CoinMiner is a type of malware that harnesses the victim's computer resources, primarily CPU and RAM, to engage in cryptocurrency mining, such as for Monero or Zcash. This malware establishes persistence by integrating an open-source mining tool into the system's startup routine without the user's consent. Advanced coin miners often employ techniques like timer configurations or CPU usage limits to operate discreetly and avoid detection.

File Keygen_For_Fake_2021_11_by_ReverseCodez.exe
Checked 2024-08-03 23:23:37
MD5 6da69b8791c12096042659efcca980c5
SHA1 f0612c041b348a9c36af965257549e588eb8e319
SHA256 27faca387d9a8e5c7e43366b3eb4e0e108c9bc1bbfade960a7a41eb134f0eae0
SHA512 bd752b04820e4aa862fb4fc9dcd1d2a6571eaf326f043d88544cd0fba953c8ee297be067a0a4c261847efd35896bc5f8b92c0612539f4ec3c5ccd53c2f3b58ff
Imphash f34d5f2d4577ed6d9ceec516c1f5a744
File Size 159232 bytes

Trojan.Win32.CoinMiner.ns Removal

Trojan.Win32.CoinMiner.ns Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win32.CoinMiner.ns without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Translation 0x0000 0x04b0
Comments
CompanyName
FileDescription Keygen
FileVersion 1.0.0.0
InternalName Keygen2020.exe
LegalCopyright Copyright © 2021
LegalTrademarks
OriginalFilename Keygen2020.exe
ProductName Keygen
ProductVersion 1.0.0.0
Assembly Version 1.0.0.0

Portable Executable Info

97d50cf5e83327b5ad43227830bd48f9
6c49fad5477be665e46394a07ad7e0bf
704dccd4e4e8f0d0
Image Base: 0x00400000
Entry Point: 0x0042c00a
Compilation: 2023-02-04 19:09:24
Checksum: 0x00000000 (Actual: 0x00027aee)
OS Version: 4.0
PEiD: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 5
Imports: mscoree,
Exports: 0
Resources: 7

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
e^JyB5 ] 0x00002000 0x00014300 0x00014400 1946f7fdfa4b736fa222126f2a7ccae0 8.00
.text 0x00018000 0x0000bbcc 0x0000bc00 89c073f6f8030d39cccbc5d7bcb1ad98 5.22
.rsrc 0x00024000 0x000064a6 0x00006600 b08970d19f57e9ba3e2026b2bab9cc95 4.14
0x0002c000 0x00000010 0x00000200 6f55453efde4923a1b69cef6bf806365 0.14
.reloc 0x0002e000 0x0000000c 0x00000200 99cd0cb485d94d155a53d4dd92c3c62f 0.10

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware