
Trojan-Downloader.Win32.Miner.ei removal guide


Trojan-Downloader.Win32.Miner.ei is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Miner.ei virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

Related domains:

github.com

How to identify Trojan-Downloader.Win32.Miner.ei?


File Info:

name: 586D58DFD5CBD939AC1A.mlw
path: /opt/CAPEv2/storage/binaries/3b5070ec118ea39d2150cd6158dc2a6c86fa8237535f2efb26c8d25699b137ec
crc32: BC59AABE
md5: 586d58dfd5cbd939ac1a4d6c9ef4f0f0
sha1: f473e18d9beddad788b0908a42936f94ffbccb28
sha256: 3b5070ec118ea39d2150cd6158dc2a6c86fa8237535f2efb26c8d25699b137ec
sha512: b755a08f12f8e4fa7308e4a6cfca503c96154c8842f857bea6d46be89909d2062f1f67970865aa99f37ca64aaa9580ee40c069fa6424248b3fdf658c8f52ca0f
ssdeep: 49152:8Vb1l7mH95AlYcJP+ZvBAthURx1mXKePL+MPHIq9b:8xcclY+GJAiw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T114756B71BBC7C03BD1B61572186DE76F91B5BE211E7248BB67942F6D1A30C828530E2B
sha3_384: 53c9c89320d6542f66136adca4940cd94c7fac7e15ff5cc21f130fc7d7065940ca362f5739d94e30dd42c5a8f84c9361
ep_bytes: e86c060000e98efeffffff2598825100
timestamp: 2017-08-18 11:30:38

Version Info:

CompanyName: MS
FileDescription: Integrator.
FileVersion: 5
InternalName: x_noelratkey
LegalCopyright: Copyright (C) 2018 MS
OriginalFileName: x_noelratkey.exe
ProductName: Integrator
ProductVersion: 5
Translation: 0x0409 0x04b0

Trojan-Downloader.Win32.Miner.ei also known as:

Lionic: Trojan.Win32.Miner.4!c
McAfee: Artemis!586D58DFD5CB
Cylance: Unsafe
Sangfor: Trojan.Win32.Miner.ei
Alibaba: TrojanDownloader:Win32/Miner.0edb839b
Symantec: Trojan.Gen.2
APEX: Malicious
Avast: FileRepMalware
Kaspersky: Trojan-Downloader.Win32.Miner.ei
Tencent: Win32.Trojan-downloader.Miner.Swbl
Comodo: Malware@#3bmgr50sbosjz
McAfee-GW-Edition: BehavesLike.Win32.BadFile.th
Sophos: Mal/Generic-S
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: Trojan:Win32/Zpevdo.B
VBA32: TrojanDownloader.Miner
Rising: Trojan.Generic@ML.90 (RDMK:hKdnoJUZkPTf7iLZPjoMXQ)
Fortinet: W32/Miner.EI!tr.dldr
AVG: FileRepMalware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan-Downloader.Win32.Miner.ei?

Trojan-Downloader.Win32.Miner.ei removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
