
RiskTool.Win32.BitCoinMiner.hzmk removal instructions


RiskTool.Win32.BitCoinMiner.hzmk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the RiskTool.Win32.BitCoinMiner.hzmk virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify RiskTool.Win32.BitCoinMiner.hzmk?


File Info:

name: 6D2044A5DB651D39CB0C.mlw
path: /opt/CAPEv2/storage/binaries/41953a96f90035f5dc36a26307f3547571409c856e73d3c412b6ec8e124740d1
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2013-09-19 04:39:34

Version Info:

0: [No Data]

RiskTool.Win32.BitCoinMiner.hzmk also known as:

Lionic: Riskware.Win32.BitCoinMiner.1!c
Elastic: malicious (high confidence)
ALYac: Adware.GenericKD.48080648
Cylance: Unsafe
VIPRE: VirTool.Win32.Obfuscator.hg!b1 (v)
Sangfor: CoinMiner.Win32.BitCoinMiner.JV
K7AntiVirus: Unwanted-Program ( 004d38111 )
BitDefender: Adware.GenericKD.48080648
K7GW: Unwanted-Program ( 004d38111 )
Cybereason: malicious.5db651
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/CoinMiner.BW potentially unwanted
Avast: Win32:BitCoinMiner-JV [Trj]
Kaspersky: not-a-virus:RiskTool.Win32.BitCoinMiner.hzmk
Alibaba: RiskWare:Win32/Miners.281f0c34
NANO-Antivirus: Riskware.Win32.BitCoinMiner.faokte
ViRobot: Adware.Bitcoinminer.1688723
MicroWorld-eScan: Adware.GenericKD.48080648
Emsisoft: Adware.GenericKD.48080648 (B)
Comodo: Malware@#1ug1sd3661uho
DrWeb: Tool.BtcMine.144
Zillya: Adware.BitCoinMiner.Win32.1
TrendMicro: TROJ_GEN.R002C0WAR22
FireEye: Generic.mg.6d2044a5db651d39
Sophos: Bitcoin Miner (PUA)
Jiangmin: RiskTool.BitCoinMiner.gyb
Webroot: W32.Bitcoinminer.Gen
Avira: PUA/CoinMiner.Gen
MAX: malware (ai score=61)
Antiy-AVL: Trojan/Generic.ASMalwS.1C772FF
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
ZoneAlarm: not-a-virus:HEUR:RiskTool.Win32.CoinMiner.gen
GData: Adware.GenericKD.48080648
AhnLab-V3: Trojan/Win32.BitCoinMiner.R94289
McAfee: GenericRXAA-AA!6D2044A5DB65
VBA32: BScope.Trojan.Zpevdo
Malwarebytes: RiskWare.BitCoinMiner
TrendMicro-HouseCall: TROJ_GEN.R002C0WAR22
Yandex: Riskware.Agent!BTIiHHwrVsE
Ikarus: not-a-virus:RiskTool.Win32
eGambit: Unsafe.AI_Score_100%
Fortinet: Riskware/CoinMiner
AVG: Win32:BitCoinMiner-JV [Trj]
MaxSecure: Trojan.Malware.1517434.susgen

How to remove RiskTool.Win32.BitCoinMiner.hzmk?

RiskTool.Win32.BitCoinMiner.hzmk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
