Online Virus Checker | v.1.0.190.174 |
DB Version: | 2024-09-25 14:00:38 |
CoinMiner is a type of malware that harnesses the victim's computer resources, primarily CPU and RAM, to engage in cryptocurrency mining, such as for Monero or Zcash. This malware establishes persistence by integrating an open-source mining tool into the system's startup routine without the user's consent. Advanced coin miners often employ techniques like timer configurations or CPU usage limits to operate discreetly and avoid detection.
File | SmCredential.exe |
Checked | 2024-09-25 12:03:57 |
MD5 | 6eba6b2af8f709303bc9ead4fac658db |
SHA1 | b4818c8adb4567d87ba83d3284a33e9c10f8f3d2 |
SHA256 | 41de08416967de58073203a4a231c2b6d93511a1880d1ec5786a3cb0c1b63f42 |
SHA512 | abd5719f65eda958b46e24b5bad6509a2c0b2099583a7c7550bee1d819d8d3cdaf8042e56f34832bf37c7ba9f9bf7d377d4bbe74ea55e3e3f6079b8e548ebc2a |
Imphash | 12806e48b853545b536463546db4baa1 |
File Size | 6346752 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win64.CoinMiner.ca without requiring further user intervention.
CompanyName | Microsoft Corporation |
FileDescription | Segnalazione errori applicazioni Microsoft |
FileVersion | 10.0.2627 |
InternalName | DWIntl |
LegalCopyright | Copyright© Microsoft Corporation 1999-2001. Tutti i diritti riservati. |
LegalTrademarks1 | Microsoft® è un marchio registrato di Microsoft Corporation. |
LegalTrademarks2 | Windows® è un marchio registrato di Microsoft Corporation. |
OriginalFilename | DWIntl.Dll |
ProductName | Microsoft Application Error Reporting |
ProductVersion | 10.0.2627 |
Built by | OFFMSO7 |
Translation | 0x0410 0x04e4 |
e978c4085c6c2cba0a6e5f6871491494 da7d02a73d2003a54f3910a556e8e28e b0b5fd2ece80c4c4 |
|
Image Base: | 0x140000000 |
Entry Point: | 0x1403e01a4 |
Compilation: | 2024-08-11 18:16:41 |
Checksum: | 0x00000000 (Actual: 0x00614297) |
OS Version: | 6.0 |
PEiD: | PE32+ executable (console) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 10 |
Imports: | WS2_32, IPHLPAPI, USERENV, CRYPT32, KERNEL32, USER32, SHELL32, ole32, ADVAPI32, bcrypt, |
Exports: | 0 |
Resources: | 10 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0041a478 | 0x0041a600 | 7bfa50ff80e175efdc3f63b945917ffd | 6.52 |
.rdata | 0x0041c000 | 0x001a6e22 | 0x001a7000 | 45ad955dcfec3415d214ef4e759878b5 | 6.17 |
.data | 0x005c3000 | 0x002af4d4 | 0x00010200 | 21bcb66e26a5153208ee0e5b0674ac6a | 4.02 |
.pdata | 0x00873000 | 0x0002a528 | 0x0002a600 | 3216f277e28eeb2a10e798f3c405f411 | 6.32 |
_RANDOMX | 0x0089e000 | 0x00000c56 | 0x00000e00 | 9ee63642b94966ecb630ee0843e46b26 | 5.68 |
_TEXT_CN | 0x0089f000 | 0x000026d1 | 0x00002800 | afea7882aa31e5987db2f12b8933de56 | 6.08 |
_TEXT_CN | 0x008a2000 | 0x00001184 | 0x00001200 | 409bf3f918f2402291cb56c2e9354b47 | 6.05 |
_RDATA | 0x008a4000 | 0x000000f4 | 0x00000200 | 9e68fee697a3137ad662934ab8ec793e | 2.46 |
.rsrc | 0x008a5000 | 0x00002000 | 0x00001600 | 30021c146d62bdf6950ba42238d7f666 | 3.00 |
.reloc | 0x008a7000 | 0x0000b5a0 | 0x0000b600 | 2db71728c819782830a4bc6de4955950 | 5.46 |