Backpack Hero.exe Trojan Miner Analysis

Trojan Miner
Updated on 2025-03-06 (1 month ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.210.174
DB Version: 2025-03-06 02:00:41

Trojan.Win64.Miner.cld

A miner is a type of malware that uses the victim's computer resources, primarily CPU and RAM, to mine cryptocurrency such as Monero or Zcash. This malware establishes persistence by adding an open-source mining tool to the system's startup routine without the user's consent. Advanced miners often use techniques such as timer configurations or CPU usage limits to operate discreetly and avoid detection.

File Backpack Hero.exe
Checked 2025-03-06 00:43:28
MD5 5df11a71753ca3fe47dac2220a81b1b1
SHA1 4fe8dfa38858bc049af97f9b4a1bcf005a6f0ad8
SHA256 e12d6a7452dd56cfb058ac5a364f0d008870b900b0da53b12c0c58f782488924
SHA512 b6a5e1d610b7c5968b5e327ee3ed6d721fcd97ccf8f1fc974dd5907fdd6d1194e92056301ed66d3f69d95605a318d28e39b24b52f80c14f87c925ef2a91b2a76
Imphash 5f74a5c747508e2822fdb9b687deaf42
File Size 653824 bytes

Trojan.Win64.Miner.cld Removal

Gridinsoft can identify and remove Trojan.Win64.Miner.cld without further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileVersion 2021.3.22.11978065
LegalCopyright (c) 2023 Unity Technologies ApS. All rights reserved.
ProductVersion 2021.3.22f1 (b6c551784ba3)
Translation 0x0409 0x04b0

Portable Executable Info

7be4aa1af16986267ac37f7c0de953ad
66b1143c29783e3ff7c5e87c9037e1e7
73ccaa7055456917
Image Base: 0x140000000
Entry Point: 0x140001260
Compilation: 2023-03-21 22:03:32
Checksum: 0x00000000 (Actual: 0x000a550d)
OS Version: 6.0
PDB Path: C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
PEiD: PE32+ executable (GUI) x86-64, for MS Windows
Sign: No valid SignedData structure was found.
Sections: 7
Imports: UnityPlayer, KERNEL32,
Exports: 2
Resources: 12

Sections

Name    Virtual Address  Virtual Size  Raw Size    MD5                               Entropy
.text   0x00001000       0x0000a140    0x0000a200  4190b7be9f5f4eb52c040a688e61a250  6.40
.rdata  0x0000c000       0x00008cce    0x00008e00  fc7c11845455463fa83cd710f0876370  4.65
.data   0x00015000       0x00001ce8    0x00000c00  2e9924c581c86e57e2e2b0ac87e1aa45  1.68
.pdata  0x00017000       0x00000c54    0x00000e00  2717431295e555cdae3fb602e2bd957e  4.35
_RDATA  0x00018000       0x00000094    0x00000200  1960efd573f3d23522c840210d59fb7e  1.09
.rsrc   0x00019000       0x0008a198    0x0008a200  54c16cb8743ed7ec6b28ef34347ab07e  3.83
.reloc  0x000a4000       0x00000638    0x00000800  687aa942cda2e64adc67a829f1587240  4.79
