NSIS:CoinminerX-gen [Trj] removal tips

The NSIS:CoinminerX-gen [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What NSIS:CoinminerX-gen [Trj] virus can do?

Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid

How to determine NSIS:CoinminerX-gen [Trj]?


File Info:
name: C8945D7EA7C80C158BEA.mlw
path: /opt/CAPEv2/storage/binaries/cb7264559864a9f1d7c1dc8af0275c756b458720105382c62cbdd7d5d5cd7e17
crc32: 88CD769C
md5: c8945d7ea7c80c158bea5ce016836ddb
sha1: 9c1a4a9f20d332ec5c2b7641a401c2eac918b2ce
sha256: cb7264559864a9f1d7c1dc8af0275c756b458720105382c62cbdd7d5d5cd7e17
sha512: de59c699f8ded27660b3619f63f7a4bdcb702c712e1a9ba24b96200f3fa28325e68442ac5f94a65992d11cecbd956bfbb32c948615c67096e261b021e1ddc19a
ssdeep: 6144:8Ya6oqu+b84rRpVHS5EW7bC6R9dgKbPCGiL:8Y+qZ84rRpVMEW7HVgKNiL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17F3402157380DCF6F4A2493069792E775EB6BD2664F08B9B2350B6307C79EA1C916333
sha3_384: 2be448724336e73996834bc8cb6b7224d02b3ffb2341be96322bc7719347e1337682622be355894504b572cb3966df55
ep_bytes: 558bec81ecf40300005356576a205f33
timestamp: 2021-09-25 21:56:47

Version Info:
Comments: Jk5aJqHu9cx_3IY
CompanyName: Utility
FileDescription: kWgHZq6y7Vf2W2S
FileVersion: 9.8.3.0
LegalCopyright: tuxDw406NqUK7aT
LegalTrademarks: scEj
OriginalFilename: BuildName.exe
ProductName: Thief
ProductVersion: 8.8.1.0
Translation: 0x0409 0x04b0

NSIS:CoinminerX-gen [Trj] also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Fsysna.4!c
MicroWorld-eScan	Trojan.GenericKD.47541724
FireEye	Generic.mg.c8945d7ea7c80c15
McAfee	Artemis!C8945D7EA7C8
Symantec	Trojan.Gen.2
APEX	Malicious
Kaspersky	HEUR:Trojan.Win32.Fsysna.gen
BitDefender	Trojan.GenericKD.47541724
Avast	NSIS:CoinminerX-gen [Trj]
Ad-Aware	Trojan.GenericKD.47541724
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.BadFile.dc
Emsisoft	Trojan.GenericKD.47541724 (B)
GData	Trojan.GenericKD.47541724
Jiangmin	Trojan.Generic.hcksl
MAX	malware (ai score=82)
Gridinsoft	Ransom.Win32.Gen.sa
Microsoft	Program:Win32/Uwamson.A!ml
Cynet	Malicious (score: 100)
ALYac	Trojan.GenericKD.47541724
VBA32	Trojan.Fsysna
SentinelOne	Static AI – Suspicious PE
AVG	NSIS:CoinminerX-gen [Trj]
Cybereason	malicious.f20d33
Panda	Trj/Genetic.gen

How to remove NSIS:CoinminerX-gen [Trj]?

NSIS:CoinminerX-gen [Trj] removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X