
MultiMiner (PUA) (file analysis)


MultiMiner (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the MultiMiner (PUA) virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify MultiMiner (PUA)?


File Info:

name: DD0909587082BDD5F3C3.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-12-29 01:03:41

Version Info:

Translation: 0x0000 0x04b0
FileDescription: MultiMiner.Win
FileVersion: 4.1.3.368
InternalName: MultiMiner.Win.exe
LegalCopyright: Copyright © 2013
OriginalFilename: MultiMiner.Win.exe
ProductName: MultiMiner.Win
ProductVersion: 4.1.3.368
Assembly Version: 4.1.3.368

MultiMiner (PUA) also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.47506251
FireEye: Generic.mg.dd0909587082bdd5
McAfee: GenericRXAA-AA!DD0909587082
Cylance: Unsafe
Zillya: Trojan.MultiMiner.Win32.12
Sangfor: CoinMiner.MSIL.CoinMiner.V@gen
K7AntiVirus: Unwanted-Program ( 004d38111 )
K7GW: Unwanted-Program ( 004ba8de1 )
ESET-NOD32: a variant of MSIL/MultiMiner.B potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CKU21
BitDefender: Trojan.GenericKD.47506251
NANO-Antivirus: Trojan.Win32.MultiMiner.howxns
Avast: Win32:MultiMiner-E [Miner]
Ad-Aware: Trojan.GenericKD.47506251
Sophos: MultiMiner (PUA)
Comodo: Malware@#n7cjgf14j6p
F-Secure: PotentialRisk.PUA/CoinMiner.Gen
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Trojan.GenericKD.47506251 (B)
GData: MSIL.Application.CoinMiner.V@gen
MaxSecure: Trojan.Malware.300983.susgen
Avira: PUA/CoinMiner.Gen
MAX: malware (ai score=88)
Gridinsoft: Ransom.Win32.Gen.sa
Arcabit: Trojan.Generic.D2D4E34B
Cynet: Malicious (score: 99)
VBA32: Trojan.MSIL.gen.m
ALYac: Trojan.GenericKD.47506251
Malwarebytes: Malware.AI.4130882143
APEX: Malicious
Yandex: Riskware.Agent!5MAvYthdlUw
SentinelOne: Static AI – Suspicious PE
AVG: Win32:MultiMiner-E [Miner]

How to remove MultiMiner (PUA)?

MultiMiner (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
