MINERD.EXE – Trojan CoinMiner removal
File | MD5 | Virus Alias |
---|---|---|
MINERD.EXE | edc4493c070bdabb0f6733a9c7f2f7a3 | Trojan CoinMiner |
MINERD.EXE | edc4493c070bdabb0f6733a9c7f2f7a3 | Trojan BitMiner |
MINERD.EXE | edc4493c070bdabb0f6733a9c7f2f7a3 | Trojan Bitcoin |
MINERD.EXE | edc4493c070bdabb0f6733a9c7f2f7a3 | Trojan SuspiciousFile |
MINERD.EXE | edc4493c070bdabb0f6733a9c7f2f7a3 | Trojan Artemis |
MINERD.EXE | edc4493c070bdabb0f6733a9c7f2f7a3 | Trojan Agent |
MINERD.EXE size: 473565 bytes
MINERD.EXE hash: EDC4493C070BDABB0F6733A9C7F2F7A3
Created files:
%Local AppData%\FlashContainer\bin\bfg32\backtrace.dll
%Local AppData%\FlashContainer\bin\bfg32\bfgminer-rpc.exe
%Local AppData%\FlashContainer\bin\bfg32\bfgminer.exe
%Local AppData%\FlashContainer\bin\bfg32\libblkmaker-0.1-0.dll
%Local AppData%\FlashContainer\bin\bfg32\libblkmaker_jansson-0.1-0.dll
%Local AppData%\FlashContainer\bin\bfg32\libcurl-4.dll
%Local AppData%\FlashContainer\bin\bfg32\libjansson-4.dll
%Local AppData%\FlashContainer\bin\bfg32\libusb-1.0.dll
%Local AppData%\FlashContainer\bin\bfg32\pdcurses.dll
%Local AppData%\FlashContainer\bin\bfg32\pthreadGC2.dll
%Local AppData%\FlashContainer\bin\bfg32\scrypt130511.cl
%Local AppData%\FlashContainer\bin\bfg32\zlib1.dll
%Local AppData%\FlashContainer\bin\bfg64\backtrace.dll
%Local AppData%\FlashContainer\bin\bfg64\bfgminer-rpc.exe
%Local AppData%\FlashContainer\bin\bfg64\bfgminer.exe
%Local AppData%\FlashContainer\bin\bfg64\libblkmaker-0.1-0.dll
%Local AppData%\FlashContainer\bin\bfg64\libblkmaker_jansson-0.1-0.dll
%Local AppData%\FlashContainer\bin\bfg64\libcurl-4.dll
%Local AppData%\FlashContainer\bin\bfg64\libjansson-4.dll
%Local AppData%\FlashContainer\bin\bfg64\libusb-1.0.dll
%Local AppData%\FlashContainer\bin\bfg64\pdcurses.dll
%Local AppData%\FlashContainer\bin\bfg64\pthreadGC2.dll
%Local AppData%\FlashContainer\bin\bfg64\scrypt130511.cl
%Local AppData%\FlashContainer\bin\bfg64\zlib1.dll
%Local AppData%\FlashContainer\bin\miderd\libcurl-4.dll
%Local AppData%\FlashContainer\bin\miderd\minerd.exe
%Local AppData%\FlashContainer\bin\miderd\pthreadGC2.dll
%Local AppData%\FlashContainer\bin\miderd\zlib1.dll
%Local AppData%\FlashContainer\dll\hookdll.dll
%Local AppData%\FlashContainer\dll\hookdll64.dll
%Local AppData%\FlashContainer\rundll32.exe
%Local AppData%\FlashContainer\taskhost.exe
Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Host Process: “%WinDir%\System32\config\Systemprofile\Local Settings\Application Data\FlashContainer\rundll32.exe”
Detected by UnHackMe:
MINERD.EXE
Default location: %LOCAL APPDATA%\FLASHCONTAINER\BIN\MIDERD\MINERD.EXE
Dropper information:
MD5: 91c3f1af251700059b0ce11a6637d34e
File size: 2303488 bytes