Win32:Miner-BA [Trj] removal tips

Win32:Miner-BA [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:Miner-BA [Trj] virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Starts servers listening on 127.0.0.1:4048
  • Anomalous binary characteristics

Related domains:

pool.minexmr.com

How to identify Win32:Miner-BA [Trj]?

File Info:

crc32: D6A63A7F
md5: 5b136ef1fae9ab9a42d0918dc4431867
name: cpuminer.exe
sha1: 12a1130c51c0218041aeb1dfec841921b5dbf0f9
sha256: f8203d2a185d7a5b50f7d9e4f58e58a2d471a9f09a6c2bcc0c93235a542d1830
sha512: e1fb1340473d3762f9b080c6786aa1f4ed3a52da344f76f4910bf0338369693d7236fe276fe1a56e2fe84ba0b4ac6aa87930d669c3f0589f6e31e7c8e9c0a624
ssdeep: 49152:++ZqT27FCSzPPMxbwrj1w9vi/wlgj8rDGRTk3:+eqn3vLuo
type: PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

Win32:Miner-BA [Trj] also known as:

MicroWorld-eScan: Gen:Application.Heur2.1LX@byX@pnkab
FireEye: Generic.mg.5b136ef1fae9ab9a
Cylance: Unsafe
BitDefender: Gen:Application.Heur2.1LX@byX@pnkab
Avast: Win32:Miner-BA [Trj]
GData: Gen:Application.Heur2.1LX@byX@pnkab
Kaspersky: Trojan.Win32.Snojan.hrd
NANO-Antivirus: Trojan.Win32.Snojan.enhfuh
Endgame: malicious (high confidence)
Emsisoft: Gen:Application.Heur2.1LX@byX@pnkab (B)
Comodo: Malware@#26u4ue7avkgki
Invincea: heuristic
Ikarus: PUA.CoinMiner
MAX: malware (ai score=71)
Antiy-AVL: Trojan/Win32.Snojan
Arcabit: Application.Heur2.E279C7
ZoneAlarm: Trojan.Win32.Snojan.hrd
Microsoft: PUA:Win32/CoinMiner
Ad-Aware: Gen:Application.Heur2.1LX@byX@pnkab
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/CoinMiner.BV potentially unwanted
SentinelOne: DFI – Malicious PE
eGambit: Trojan.Generic
AVG: Win32:Miner-BA [Trj]
Cybereason: malicious.1fae9a

How to remove Win32:Miner-BA [Trj]?

Win32:Miner-BA [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
