RiskTool.Win64.CoinMiner malicious file

The RiskTool.Win64.CoinMiner is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RiskTool.Win64.CoinMiner virus can do?

Presents an Authenticode digital signature

How to determine RiskTool.Win64.CoinMiner?


File Info:
crc32: E582C2B8
md5: 10dc8f7e0c9e90b004a53e19ee848df3
name: 10DC8F7E0C9E90B004A53E19EE848DF3.mlw
sha1: cbc6777ba58eb2296517b1b92eeca77da989818f
sha256: ad0e3c8153e7141dde43da94115e7ce910131508e842c8290eddf7ed7dd74f38
sha512: 5005f8177b5002577d437a69fa823a1a3e1d3177ee5e1def052d9dff29de040b14e0e4a806920159657e2f678f843fd86189f048af951a5c1d749d30afe0d72b
ssdeep: 24576:edM9RODK6K6AfkBGr/BCguNX+dCJEVdB6BKNEI8sg6VN8ZavYLtIwFZP:eu9RODKf6Afkm/BvJt8lqmtIw7P
type: PE32+ executable (console) x86-64, for MS Windows

Version Info:
LegalCopyright: OfficialTwist. 2019
InternalName: officialtwist.exe
FileVersion: 1.0.0.3
CompanyName: OfficialTwist.
ProductName: OfficialTwist
ProductVersion: 1.0.0.3
FileDescription: OfficialTwist
OriginalFilename: officialtwist.exe
Translation: 0x0407 0x04b0

RiskTool.Win64.CoinMiner also known as:

Lionic	Riskware.Win32.OpenSUpdater.1!c
Elastic	malicious (high confidence)
ALYac	Gen:Variant.Application.BitCoinMiner.IdleBuddy.2
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_80% (D)
Alibaba	RiskWare:Win64/CoinMiner.e549980e
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win64/Adware.OpenSUpdater.AA
APEX	Malicious
Avast	Win64:Adware-gen [Adw]
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:HEUR:RiskTool.Win64.CoinMiner.gen
BitDefender	Gen:Variant.Application.BitCoinMiner.IdleBuddy.2
MicroWorld-eScan	Gen:Variant.Application.BitCoinMiner.IdleBuddy.2
Tencent	Win64.Adware.Opensupdater.Dxxc
Ad-Aware	Gen:Variant.Application.BitCoinMiner.IdleBuddy.2
Sophos	Generic PUA ML (PUA)
VIPRE	Win64.Adware.OpenSUpdater
McAfee-GW-Edition	Artemis!PUP
FireEye	Generic.mg.10dc8f7e0c9e90b0
Emsisoft	Gen:Variant.Application.BitCoinMiner.IdleBuddy.2 (B)
SentinelOne	Static AI – Malicious PE
Webroot	W32.Adware.Gen
Avira	HEUR/AGEN.1108436
Microsoft	PUADlManager:Win32/OpenDownloadManager
Arcabit	Trojan.Application.BitCoinMiner.IdleBuddy.2
GData	Gen:Variant.Application.BitCoinMiner.IdleBuddy.2
AhnLab-V3	Pup/Win32.RL_Generic.R264497
McAfee	Artemis!10DC8F7E0C9E
Malwarebytes	Adware.SpecialSearchOffer
Yandex	Trojan.GenAsa!gIZYJ0Y416I
Ikarus	AdWare.Opensupdater
MaxSecure	Trojan.Malware.74246856.susgen
Fortinet	Adware/OpenSUpdater
AVG	Win64:Adware-gen [Adw]
Paloalto	generic.ml

How to remove RiskTool.Win64.CoinMiner?

RiskTool.Win64.CoinMiner removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X