The RiskTool.Win64.XMRigMiner.kh is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What RiskTool.Win64.XMRigMiner.kh virus can do?
File Info:
name: AF7A8BB6AC7C550998F1.mlwpath: /opt/CAPEv2/storage/binaries/15de8992eeac6cad15a17b31a929bc9b7414a315e7315250dcfa04965623a661crc32: 5A96DF62md5: af7a8bb6ac7c550998f1d1c76c209690sha1: c541b74de7820cb3b7c83df62b5c1c23103376a5sha256: 15de8992eeac6cad15a17b31a929bc9b7414a315e7315250dcfa04965623a661sha512: ccceef9cfcaa7752944e3969b2f9a41d108977d5d8d809090039e4e1f62f1a4368a459848daf1893581453489312dd0f15c5c62222e15a593b9cdf9b299b7397ssdeep: 24576:by+jMkaTDtuF6kYK2MS6+wxaD21EtYlsVVRylcOJLrTkHurKg:byFkaTDtuMkxrU3t9icaLMurtype: PE32+ executable (console) x86-64, for MS Windowstlsh: T138452342E6E4EC32E93F93765105AF6EDE54B52687CE833CFA7C406E8F7461210467A2sha3_384: 05f28f8051a0170b7bf6b6dfbeeccda475883f641748cce81c0b1e3df242836c1ade4a3ba24d6fb01f9266dbca20dca9ep_bytes: 53565755488d351acaedff488dbedb7ftimestamp: 2020-08-20 06:12:10Version Info:
CompanyName: Microsoft CorporationFileDescription: Microsoft DirectX SetupFileVersion: 4.9.0.0904InternalName: dxsetup.exeLegalCopyright: Copyright (C) Microsoft Corporation. All rights reserved.OriginalFilename: dxsetup.exeProductName: Microsoft(R) DirectX for Windows(R)ProductVersion: 4.9.0.0904Translation: 0x0411 0x04b0
MicroWorld-eScan | Trojan.GenericKDZ.71553 |
FireEye | Generic.mg.af7a8bb6ac7c5509 |
ALYac | Trojan.GenericKDZ.71553 |
Cylance | Unsafe |
Zillya | Trojan.Miner.Win32.15865 |
Sangfor | Trojan.Win32.Save.a |
K7AntiVirus | CryptoMiner ( 0057f1d61 ) |
K7GW | CryptoMiner ( 0057f1d61 ) |
Cybereason | malicious.6ac7c5 |
Cyren | W64/CoinMiner.GS.gen!Eldorado |
Elastic | malicious (moderate confidence) |
ESET-NOD32 | a variant of Win64/CoinMiner.PO potentially unwanted |
ClamAV | Win.Dropper.Miner-9943640-0 |
Kaspersky | not-a-virus:RiskTool.Win64.XMRigMiner.kh |
BitDefender | Trojan.GenericKDZ.71553 |
Cynet | Malicious (score: 100) |
Avast | Win64:Malware-gen |
Tencent | Trojan.Win32.Miner.pa |
Ad-Aware | Trojan.GenericKDZ.71553 |
Emsisoft | Application.Generic (A) |
DrWeb | Tool.BtcMine.2639 |
VIPRE | Trojan.GenericKDZ.71553 |
McAfee-GW-Edition | BehavesLike.Win64.CoinMiner.tc |
SentinelOne | Static AI – Malicious PE |
Trapmine | malicious.moderate.ml.score |
Sophos | Troj/Miner-AEN |
APEX | Malicious |
GData | Trojan.GenericKDZ.71553 |
Jiangmin | Trojan.Miner.nca |
MAX | malware (ai score=82) |
Antiy-AVL | Trojan/Generic.ASCommon.203 |
Microsoft | Trojan:Win32/Sabsik.TE.A!ml |
Detected | |
AhnLab-V3 | Trojan/Win.CoinMiner.R494707 |
Acronis | suspicious |
McAfee | CoinMiner-FEK!AF7A8BB6AC7C |
Malwarebytes | RiskWare.BitCoinMiner |
Rising | HackTool.CoinMiner!1.CB20 (CLASSIC) |
Ikarus | PUA.CoinMiner |
MaxSecure | Trojan.Malware.121218.susgen |
Fortinet | Riskware/CoinMiner |
AVG | Win64:Malware-gen |
The Lazy.490007 is considered dangerous by lots of security experts. When this infection is active,…
The Backdoor:Win32/Rbot!pz is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.3351546188 is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.1193900862 is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.1522466034 is considered dangerous by lots of security experts. When this infection is active,…
The Fragtor.35742 (B) is considered dangerous by lots of security experts. When this infection is…