RiskTool.Win64.BitCoinMiner information

RiskTool.Win64.BitCoinMiner is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the RiskTool.Win64.BitCoinMiner virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify RiskTool.Win64.BitCoinMiner?


File Info:

name: E21DDED56A4A344EFADA.mlw
path: /opt/CAPEv2/storage/binaries/3d4dc5d1c256ec5c761b422631ba5d2a81ebedef53f88270c82d725b8a53fa57
crc32: 52B2BEFC
md5: e21dded56a4a344efada7f7aaa7dee74
sha1: 06f540ebf8584d6eb1a29e9989648a927f1b4da1
sha256: 3d4dc5d1c256ec5c761b422631ba5d2a81ebedef53f88270c82d725b8a53fa57
sha512: 26a0df81cfabe454b80ce79d7a35738a34bb5974438206bd8e030b03a2a6b08afaeb4cc8721186ae4aff23cfa0c2abc2c3ce37f916c41714ea2a4c55e90051ca
ssdeep: 12288:YA9fUeJ+aj5BGG1neeRLM2scPoOe99qybuN0RhYe04xC1F3ldRqr8j9:NmeJ+qzGG1nTw2MORkh504xC1/dkYR
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1AAE45D5E729021BA96DFD068C91F480FF7F238994328A5DF52A177AA2F136C1C539F21
sha3_384: 12748895925d19d8849669c8f333c24674acd0fc6af4086719766c7d9ef804bb6d3d417b366d3fd453c86069dc14248b
ep_bytes: 4883ec28e82b0800004883c428e972fe
timestamp: 2019-08-28 23:48:37

Version Info:

0: [No Data]

RiskTool.Win64.BitCoinMiner also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.BtcMine.3367
MicroWorld-eScan: Trojan.GenericKD.62396266
FireEye: Generic.mg.e21dded56a4a344e
Zillya: Trojan.CoinMiner.Win64.1428
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.56a4a3
Cyren: W64/S-3ab9a69c!Eldorado
APEX: Malicious
ClamAV: Win.Trojan.Generickdz-9866491-0
BitDefender: Trojan.GenericKD.62396266
Avast: Win32:XMRMiner-H [Miner]
Ad-Aware: Trojan.GenericKD.62396266
Emsisoft: Trojan.GenericKD.62396266 (B)
VIPRE: Trojan.GenericKD.62396266
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
GData: Trojan.GenericKD.62396266
Jiangmin: Trojan.MSIL.qzrf
Google: Detected
MAX: malware (ai score=80)
Arcabit: Trojan.Generic.D3B8176A
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
VBA32: RiskTool.Win64.BitCoinMiner
ALYac: Trojan.GenericKD.62396266
Malwarebytes: Generic.Trojan.Malicious.DDS
Ikarus: Trojan.Win64.CoinMiner
Fortinet: W64/XMRMiner.H!tr
AVG: Win32:XMRMiner-H [Miner]

How to remove RiskTool.Win64.BitCoinMiner?

RiskTool.Win64.BitCoinMiner removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
