Summary | ZeroBOX

ethminer.exe

QuickMiner, CoinMiner, OS Processor Check, PE64, PE File
Category FILE
Machine s1_win7_x6401
Started July 10, 2021, 10:59 a.m.
Completed July 10, 2021, 10:59 a.m.
Size 4.4MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 c6dedabf9eae985f537f6270d8f91808
SHA256 880935907482864eec59532000ac75d725bb4875c1ad2d8fb23bf2bdec85e4a6
CRC32 2C0B5120
ssdeep 49152:Xs6gT/DnKzvciFDmM2KBhQPR8522FZyP18abU53xth5CRGzSnAH6pUnmcBZgF9br:aay7tR8Smx/3WeZH8P7gH
Yara
  • CoinMiner_IN - CoinMiner
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • QuickMiner_IN - QuickMiner

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .nv_fatb
section .nvFatBi
section _RDATA
FireEye Generic.mg.c6dedabf9eae985f
ESET-NOD32 a variant of Win64/CoinMiner.RH potentially unwanted
ClamAV Win.Coinminer.Generic-7165577-0
Kaspersky not-a-virus:HEUR:RiskTool.Win64.Miner.b
Avast Win64:MiscX-gen [PUP]
Sophos Ethminer Ethereum Miner (PUA)
SentinelOne Static AI - Suspicious PE
Microsoft PUA:Win32/CoinMiner
AhnLab-V3 Win-Trojan/Miner3.Exp
Malwarebytes RiskWare.BitCoinMiner
Ikarus PUA.CoinMiner
Fortinet Riskware/CoinMiner
AVG Win64:MiscX-gen [PUP]
Qihoo-360 Win64/Miner.Generic.HgEASX8A