How to remove “RiskTool.Win32.BitCoinMiner.ojyr”?

RiskTool.Win32.BitCoinMiner.ojyr is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the RiskTool.Win32.BitCoinMiner.ojyr virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify RiskTool.Win32.BitCoinMiner.ojyr?


File Info:

name: F20B38543570847D6C7A.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-12-17 11:28:24

Version Info:

CompanyName: Your Company
FileDescription: dxHax Hack Installer
FileVersion: 1.0.0
InternalName: dxHax Hack
LegalCopyright: Copyright (C) 2022 Your Company
OriginalFileName: dxHax Hack.exe
ProductName: dxHax Hack
ProductVersion: 1.0.0
Translation: 0x0409 0x04b0

RiskTool.Win32.BitCoinMiner.ojyr also known as:

Lionic: Trojan.Win32.Agent.b!c
McAfee: Artemis!F20B38543570
Cylance: Unsafe
K7AntiVirus: Trojan ( 0056e5201 )
Alibaba: TrojanDropper:Win64/Themida.925721cb
K7GW: Trojan ( 0056e5201 )
ESET-NOD32: multiple detections
Kaspersky: not-a-virus:RiskTool.Win32.BitCoinMiner.ojyr
Avast: Win32:Trojan-gen
Rising: Dropper.Agent!8.2F (CLOUD)
Sophos: Generic PUA DH (PUA)
McAfee-GW-Edition: BehavesLike.Win32.BadFile.wc
Avira: TR/CoinMiner.wxrqp
Microsoft: Trojan:Win64/DisguisedXMRigMiner
GData: Win32.Application.Coinminer.UAPUNN
Cynet: Malicious (score: 99)
TrendMicro-HouseCall: TROJ_GEN.R002H0CB522
Tencent: Win64.Trojan.Coinminer.Dyzj
Fortinet: Malicious_Behavior.SB
AVG: Win32:Trojan-gen

How to remove RiskTool.Win32.BitCoinMiner.ojyr?

RiskTool.Win32.BitCoinMiner.ojyr removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.