Adware

About “BScope.Adware.CoinMiner” infection

Malware Removal

The BScope.Adware.CoinMiner is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What BScope.Adware.CoinMiner virus can do?

  • Presents an Authenticode digital signature
  • Starts servers listening on 127.0.0.1:37601
  • Drops a binary and executes it
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup

How to determine BScope.Adware.CoinMiner?



File Info:

crc32: E8364ADE
md5: f829e09a02eb3585ee155a17dfee6a94
name: F829E09A02EB3585EE155A17DFEE6A94.mlw
sha1: 20a3ef713fe1d47e1a7d35e66b6427ce0e19a292
sha256: 61a169940a8a17945d4050b21ee03c760021d685ac530cb52400e8ae8e11bb7f
sha512: 74f2986aca941b3643925f74f943c76d8fa51a8ea352c3c443fd3b008c2d045ace3e0349ba9697049e229d466d790051e1eadc023b68f498ff26b928914cd546
ssdeep: 49152:oZ576bP0qHsYTyyFxnaNwwGqjqQMOm+p/q+QLTyGnw:oZ5egq7WyFxaqhQMOnAnw
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright (C) x676dx5ddex76c8x9ad8x79d1x6280x3002x4fddx7559x6240x6709x6743x5229x3002
InternalName: MiniAgent.exe
FileVersion: 6.0.0.1
CompanyName: x676dx5ddex76c8x9ad8x79d1x6280x6709x9650x516cx53f8
ProductName: x8ff7x4f60x5c0fx52a9x624bx5b89x88c5x7a0bx5e8f
ProductVersion: 6.0.0.1
FileDescription: x8ff7x4f60x5c0fx52a9x624bx5b89x88c5x7a0bx5e8f
OriginalFilename: MiniAgent.exe
Translation: 0x0804 0x03a8

BScope.Adware.CoinMiner also known as:

VBA32BScope.Adware.CoinMiner

How to remove BScope.Adware.CoinMiner?

BScope.Adware.CoinMiner removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment