Miner.exe Trojan CoinMiner Analysis

Trojan CoinMiner
Updated on 2024-08-04 (1 month ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.183.174
DB Version: 2024-08-04 20:00:38

Trojan.Win64.CoinMiner.cl

CoinMiner is a type of malware that uses the victim's computer resources, primarily CPU and RAM, to mine cryptocurrency such as Monero or Zcash. It establishes persistence by adding an open-source mining tool to the system's startup routine without the user's consent. Advanced coin miners often employ techniques like timer configurations or CPU usage limits to operate discreetly and avoid detection.

File: miner.exe
Checked: 2024-08-04 17:54:12
MD5: 8cf4ca902d1a5130d0758a06e9892985
SHA1: 32877cc2930e60068c52595a30d2b55ae6ca7f8e
SHA256: 9ec744dd4fb60a101a79671c322873a518621775c183b51387c2aef46f353e65
SHA512: 1c1998a58185eefdeb17cef80afcbf6248ffe4de159548066077028ca26e73aee6e7a5ac6bcdd776ce8e26513c4f1762a037b2530f16acaa054b8d814613b433
Imphash: 01796e41742c9f2ea3881f62d9a9c002
File Size: 82000896 bytes

Trojan.Win64.CoinMiner.cl Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win64.CoinMiner.cl without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

Portable Executable Info

Image Base: 0x140000000
Entry Point: 0x140396784
Compilation: 2024-03-06 13:03:14
Checksum: 0x00000000 (Actual: 0x04e42030)
OS Version: 6.0
PEiD: PE32+ executable (console) x86-64, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 7
Imports: USERENV, PSAPI, WINMM, SETUPAPI, WS2_32, KERNEL32, USER32, ADVAPI32, bcrypt, CRYPT32
Exports: 0
Resources: 1

Sections

| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x003db100 | 0x003db200 | 58449b627246c42038d1588faa7366e5 | 6.38 |
| .rdata | 0x003dd000 | 0x00240aa8 | 0x00240c00 | cbaa723307fd7c3fa59b8b8abddb5c1e | 7.01 |
| .data | 0x0061e000 | 0x047ee14c | 0x047e7200 | 74985443fda9c9ca388fb907d02a51f9 | 7.86 |
| .pdata | 0x04e0d000 | 0x00022ec0 | 0x00023000 | 8153fe3b9a45a797438fc1b0685636ee | 6.34 |
| _RDATA | 0x04e30000 | 0x000001f4 | 0x00000200 | 6c0b53637e95735d72f5868d6674d50e | 4.18 |
| .rsrc | 0x04e31000 | 0x000001e0 | 0x00000200 | e896f71dd8d2e75e59e56beacf661e0b | 4.73 |
| .reloc | 0x04e32000 | 0x0000d374 | 0x0000d400 | 6967499a7b4af2049a6085d98a07c20f | 5.47 |
