Gridinsoft Logo

4399账号注册机.exe Ransomware Miner Analysis

Ransomware Miner
Updated on 2025-04-30 (18 days ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.215.174
DB Version: 2025-04-30 16:00:22

Ransom.Win32.Miner.cld

Miner is a type of malware that harnesses the victim's computer resources, primarily CPU and RAM, to engage in cryptocurrency mining, such as for Monero or Zcash. This malware establishes persistence by integrating an open-source mining tool into the system's startup routine without the user's consent. Advanced miners often employ techniques like timer configurations or CPU usage limits to operate discreetly and avoid detection.

File 4399账号注册机.exe
Checked 2025-04-30 13:08:48
MD5 d8e4072e31e5fa85702472715d3d9e59
SHA1 f732e502a4bf4694746f5e71ee8847904ec828fc
SHA256 7a01de7e472fa80b6a50eac2c220dedf506dd2e33ef6ec3dc92a4395f4a8bd2b
SHA512 cb3674f078d9696f9e05cc9fb8e2ff9fcbda70cc25006c8c083691211c81e7f8cd98daede2683ca2cf926b1250aecca12654b7ccdb3ad4aefde10cb42e3a4d5e
Imphash 13b9444f7fdc29e5f6651eca6ff9ee10
File Size 860160 bytes

Ransom.Win32.Miner.cld Removal

Ransom.Win32.Miner.cld Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.Miner.cld without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileVersion 1.0.0.0
FileDescription 易语言程序
ProductName 4399注册机
ProductVersion 1.0.0.0
LegalCopyright 作者版权所有 请尊重并使用正版
Comments 本程序使用易语言编写(http://www.eyuyan.com)
Translation 0x0804 0x04b0

Portable Executable Info

1fa61c049413b5ea14234b0662fb4006
a1067b4196d17b78814e676232e220b2
f1d8a4b898b8a4c4
Image Base: 0x00400000
Entry Point: 0x0046da71
Compilation: 2022-01-13 03:48:30
Checksum: 0x00000000 (Actual: 0x000de45a)
OS Version: 4.0
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows
Sign: No valid SignedData structure was found.
Sections: 4
Imports: KERNEL32, USER32, GDI32, WINMM, WINSPOOL, ADVAPI32, SHELL32, ole32, OLEAUT32, COMCTL32, WS2_32, comdlg32,
Exports: 0
Resources: 56

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0008bf1e 0x0008c000 5c7199e90b86df9a2f8f6cc77d382e07 6.57
.rdata 0x0008d000 0x0002cf66 0x0002d000 1667d8eed3481a17b3f17b39356f4962 6.60
.data 0x000ba000 0x00030bc8 0x00012000 14f305c629884c6aaecbf158540354b6 5.09
.rsrc 0x000eb000 0x000059ec 0x00006000 db1e02dad1927476e01ddf6544cc9221 5.35

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware