Home / malware Trojan:Win32/CoinMiner.D
First posted on 08 March 2018.
Source: MicrosoftAliases :
There are no other names known for Trojan:Win32/CoinMiner.D.
Explanation :
This CoinMiner trojan is a customized coin mining application. The following strings in its code indicate that it is based on XMRig, an open source, CPU-based Monero (XMR) miner:
Samples of this malware have been observed dropped in the wild by TrojanDownloader:Win32/Dofoil.AB into the Temp folder as wuauclt.exe It uses nanopool.org servers to mine Electroneum cryptocurrency. Analyzed samples use the following username on these pool servers: etnkQr8x5xY7PyUNi8jmxefg7YjQeceeGQgkmqZAyEifjVqR5GBp5ueHWDrrn87zHP8eew3ynA2pZN9zdL5a6rBs5BCgEaEpYu Its code reveals support for NiceHash mining, which means it can mine other cyptocurrencies.
- donate.xmrig.com
- .nicehash.com
Last update 08 March 2018
