Trojan:Win32/CoinMiner


First posted on 18 December 2014.
Source: Microsoft

Aliases:

There are no other names known for Trojan:Win32/CoinMiner.

Explanation:

Threat behavior

Installation

This trojan launches bitcoin mining software on your PC. It can be bundled with other software, such as installers for software cracks and key generators.

The trojan drops an application that uses your PC to make bitcoins for a malicious hacker. The trojan often drops other component files, such as commonly-used library files, that allow the miner to function properly.

The bitcoin mining application can be installed with the same name as a legitimate process. We have seen it use the following file names:

  • amd_gpu.exe
  • cg.exe
  • minerd.exe
  • svchost.exe


Payload

Mines bitcoins

This threat installs and launches bitcoin mining software on your PC. It launches the mining software silently and passes it parameters that let it send its results to a server controlled by a malicious hacker.

This activity can use a lot of processing power and make your PC run slower than usual.



Analysis by Amir Fouda

Symptoms

The following can indicate that you have this threat on your PC:

  • You have these files:

    amd_gpu.exe
    cg.exe
    minerd.exe
    svchost.exe
  • Your PC might run slowly
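
The following PowerShell is an added example, not part of the original Microsoft entry. It lists running processes that use the file names above and treats svchost.exe as suspect only when it runs outside the Windows system directories. The trusted-directory list and the Stratum URL pattern are assumptions, not details from this page.

```powershell
# Added example: triage running processes against the file names listed on this page.
$names = 'amd_gpu.exe', 'cg.exe', 'minerd.exe', 'svchost.exe'

# Assumption: genuine svchost.exe runs only from these Windows system directories.
$trustedDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'SysWOW64')
)

# Assumption: miner command lines often carry a Stratum pool URL.
$poolPattern = 'stratum\+tcp://'

Get-CimInstance -ClassName Win32_Process |
    Where-Object { $names -contains $_.Name } |   # -contains is case-insensitive
    ForEach-Object {
        $path = $_.ExecutablePath
        $reasons = @()

        if ($_.Name -ieq 'svchost.exe') {
            if (-not $path) {
                # Path is hidden from non-elevated sessions; do not treat as clean.
                $reasons += 'path unavailable (re-run elevated)'
            } elseif ($trustedDirs -notcontains (Split-Path -Path $path -Parent)) {
                $reasons += 'svchost.exe outside Windows system directory'
            }
        } else {
            $reasons += 'file name listed for Trojan:Win32/CoinMiner'
        }

        if ($_.CommandLine -match $poolPattern) {
            $reasons += 'mining pool URL in command line'
        }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                ProcessId   = $_.ProcessId
                Name        = $_.Name
                Path        = $path
                CommandLine = $_.CommandLine
                Reasons     = $reasons -join '; '
            }
        }
    } | Format-List
```

A file-name match alone is only a lead, since legitimately installed mining tools can use the same names; confirm any hit with an antimalware scan of the reported path.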

Last update 18 December 2014

 
