Riskware/Miner

#30661 by ikolor
Mon Jul 31, 2017 3:14 pm

somthing more

https://www.virustotal.com/pl/file/ba0c ... 501513886/

Attachments

No.rar

(747.69 KiB) Downloaded 40 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#30665 by Antelox
Tue Aug 01, 2017 7:32 am

ikolor wrote:somthing more

https://www.virustotal.com/pl/file/ba0c ... 501513886/

It's part of https://github.com/nicehash/nheqminer which looks like a bitcoin miner.

BR,

Antelox

@Antelox

Username

Antelox

Posts

298

Joined

Sun Mar 21, 2010 10:38 pm

Contact

Re: Malware collection

#31006 by Xylitol
Sat Nov 18, 2017 1:18 pm

JS/Miner, can be unwanted but not really sure about categorizing it as malware, just disable javascript on your browser, it's the only recommendation i can do.
if you can't and need plugins:
Chrome: https://chrome.google.com/webstore/deta ... hdbolnfimo
Firefox: https://addons.mozilla.org/en-US/firefo ... coinblock/

coinhive running via node-js, show slightly better performance than running on browser (about +5 h/s) but overall solo-mining via javascript not worth it.

Registration Problems and FAQ - Rules For Malware Requests

Username

Xylitol

Rank

Global Moderator

Posts

1706

Joined

Sat Apr 10, 2010 5:54 pm

Location

Seireitei, Soul Society

Contact

Re: Malware collection

#31255 by markusg
Sun Feb 11, 2018 5:23 pm

VirusTotal
SHA256:
5c13ceefbf24c9d248a91273066247350992ff2d86dd7c1fb5375ae71c83f6ab
Dateiname:
Youtube_byclick_Setup.exe
Erkennungsrate:
21 / 66
https://www.virustotal.com/de/file/5c13 ... /analysis/
my connection is bit slow for the next 1 week and the upload was canceled but if somebody want he can attach the file
a miner i think
https://www.dropbox.com/s/7rgorb5yxamxs ... up.7z?dl=1

Username

markusg

Posts

737

Joined

Mon Mar 15, 2010 2:53 pm

Re: Malware collection

#31259 by Antelox
Sun Feb 11, 2018 8:00 pm

markusg wrote:VirusTotal
SHA256:
5c13ceefbf24c9d248a91273066247350992ff2d86dd7c1fb5375ae71c83f6ab
Dateiname:
Youtube_byclick_Setup.exe
Erkennungsrate:
21 / 66
https://www.virustotal.com/de/file/5c13 ... /analysis/
my connection is bit slow for the next 1 week and the upload was canceled but if somebody want he can attach the file
a miner i think
https://www.dropbox.com/s/7rgorb5yxamxs ... up.7z?dl=1

Yes, it drops a miner.

BR,

Antelox

@Antelox

Username

Antelox

Posts

298

Joined

Sun Mar 21, 2010 10:38 pm

Contact

Re: Malware collection

#31309 by markusg
Fri Mar 02, 2018 11:45 pm

Download & Extract Here.exe
SHA-256
f54a78aa6d90eaa44a0cd757f90e649219207150f2c89ae0431bae150a1d6268
https://www.virustotal.com/#/file/f54a7 ... 68/details
miner?

Attachments

Download & Extract Here.7z

(5.11 MiB) Downloaded 30 times

Username

markusg

Posts

737

Joined

Mon Mar 15, 2010 2:53 pm

Re: Malware collection

#31310 by tomatto007
Sat Mar 03, 2018 10:37 am

markusg wrote:Download & Extract Here.exe
SHA-256
f54a78aa6d90eaa44a0cd757f90e649219207150f2c89ae0431bae150a1d6268
https://www.virustotal.com/#/file/f54a7 ... 68/details
miner?

FILES ADDED:
%COMMON APPDATA%\SRSLABS\CMD.EXE
%COMMON APPDATA%\SRSLABS\CONFIG.JSON
%COMMON APPDATA%\SRSLABS\CONHOST.EXE
%COMMON APPDATA%\SRSLABS\WSCRIPTTARGET.EXE
%STARTUP%\MICROHOSTLAB.LNK (start conhost.exe)
%STARTUP%\SOFTCONTROL.LNK (start cmd.exe)

Username

tomatto007

Posts

24

Joined

Fri Mar 19, 2010 8:16 pm

Re: Malware collection

#31423 by markusg
Sat Apr 07, 2018 10:20 pm

a miner

Attachments

Fifa18UltimateBot.7z

(2.8 MiB) Downloaded 45 times

Username

markusg

Posts

737

Joined

Mon Mar 15, 2010 2:53 pm

Re: Malware collection

#32098 by markusg
Thu Sep 06, 2018 6:33 pm

miner
SHA-256
8e353998862d7bdee88041c3f2c6ffbb5b405436857eeab6aba344830880445b
File name
start.exe
https://www.virustotal.com/#/file/8e353 ... /detection

Attachments

start.rar

(1.48 MiB) Downloaded 31 times

Username

markusg

Posts

737

Joined

Mon Mar 15, 2010 2:53 pm