Gridinsoft Logo
File Icon

NiceHashQuickMinerInstaller.exe Trojan CoinMiner Analysis

Updated 7 days ago
Checked by Malware Check
NiceHashQuickMinerInstaller.exe

Technical Analysis

File Name NiceHashQuickMinerInstaller.exe
File Type
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Scanner Version 1.0.218.174
Database Version 2025-06-20 04:00:44 UTC

Trojan.Win64.CoinMiner.ca

Malware family: CoinMiner

CoinMiner malware utilizes system resources including CPU and RAM for unauthorized cryptocurrency mining. It establishes persistence through startup integration and may use resource management techniques to avoid detection while mining currencies like Monero or Zcash.
N/A
Detection Rate
1,859,152
File Size (bytes)
2025-06-20
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
dc6fcda0672000c5593f607ff7ec745f
SHA1
4de5130435dd65437907442867e8db28bd82d1c2
SHA256
40cb10da51be47280083008184649a2505d40b01c066321f3c6973d5bd760929
SHA512
903623403201529fdcdf9c83064f71f3c379c107f4318ec874ddb216b92b06de717a2a02443310e101ead649f90fa8c9379cf8e4b6fdb265b2cbf9de303a9444

PE Analysis

Basic Information

Icon
Hash: 80242aa29740ee2191fda98ac18af12d
Fuzzy: bbc16c4d575b1b2b0e456be0da298f8f
dHash: e8c4d0e4ac98d0e0
Image Base 0x140000000
Entry Point 0x140000000
Compilation Time 2043-02-05 02:48:01
Checksum 0x001d0d44 (Actual: 0x001d0d44)
OS Version 4.0
PEiD Signatures PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
PDB Path Z:\Development\signing\excavator\watchdog2\obj\Release\NiceHashQuickMiner.pdb
Digital Signature OK
Imports 0
Exports 0 functions
Resources 7 Resources
Sections 2 Sections

Version Information

Translation 0x0000 0x04b0
Comments NiceHash QuickMiner
CompanyName NiceHash
FileDescription NiceHash QuickMiner
FileVersion 0.6.12.0
InternalName NiceHashQuickMiner.exe
LegalCopyright Copyright © 2022
LegalTrademarks
OriginalFilename NiceHashQuickMiner.exe
ProductName NiceHash QuickMiner
ProductVersion 0.6.12.0
Assembly Version 0.6.12.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 1,545,250 bytes 1,545,728 bytes 4.81 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ FC002AB1360355CA9405615C1A8E6F52
.rsrc 0x0017c000 289,948 bytes 290,304 bytes 3.60 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 03FE52B6F307AAABCDD4FE3DB2908D56

Resource Analysis

Total Resources: 7 (289,489 bytes)
Resource Type Count Total Size Percentage
RT_ICON 4 285,408 bytes
98.6%
RT_GROUP_ICON 1 62 bytes
0%
RT_VERSION 1 938 bytes
0.3%
RT_MANIFEST 1 3,081 bytes
1.1%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

Trojan.Win64.CoinMiner.ca Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win64.CoinMiner.ca without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware