Mal/Miner-C

Category: Viruses and Spyware Protection available since:21 Oct 2014 20:34:03 (GMT)
Type: Malicious behavior Last Updated:08 Dec 2015 15:28:52 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/Miner-C include:

Example 1

File Information

Size
1.8M
SHA-1
001a0e4c57237687a1380cc0b22661b65bf7f9af
MD5
33da876504f1715e872b04cef5eca16b
CRC-32
84662a8d
File type
Windows executable
First seen
2012-03-07

Example 2

File Information

Size
3.3M
SHA-1
0029a520b2ab467e0d19246b8f975387303e10cd
MD5
dffbbfc282bb6465c1484fa5505d6e1c
CRC-32
3bbf18ac
File type
Windows executable
First seen
2007-11-06

Runtime Analysis

Copies Itself To
  • F:/sample.exe
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\NsCpuCNMiner64.exe
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\NsCpuCNMiner32.exe
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\pools.txt
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\Run.lnk
    Size
    856
    SHA-1
    aa462a6c68a54ffedfc3285d14e5c45b20406762
    MD5
    cb14e7eb30c1d7b282b1a530d3bbeba0
    CRC-32
    acb1fe7c
    File type
    Windows Shortcut file (.LNK)
    First seen
    2015-10-26
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    (Default)
    c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\test_item.exe
HTTP Requests
  • http://stafftest.ru/stat.html
  • http://stafftest.ru/test.html
DNS Requests
  • stafftest.ru

Example 3

File Information

Size
3.3M
SHA-1
01466cbfae1de61d7c7ccc9c0f4c3b779645d139
MD5
6a66126aa5d12acbcf7bd0f0e4340dd2
CRC-32
dd75b888
File type
Windows executable
First seen
2007-11-04

Runtime Analysis

Copies Itself To
  • F:/sample.exe
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\NsCpuCNMiner64.exe
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\NsCpuCNMiner32.exe
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\Run.lnk
    Size
    856
    SHA-1
    9d3c68c0f0886c1803b8e0f9a755c76dd1e3170f
    MD5
    73128c53c200e08fee012627867e73e5
    CRC-32
    e30c350c
    File type
    Windows Shortcut file (.LNK)
    First seen
    2015-10-13
  • c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\pools.txt
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    (Default)
    c:\Documents and Settings\test user\Application Data\NsCpuCNMiner\test_item.exe
HTTP Requests
  • http://stafftest.ru/stat.html
  • http://stafftest.ru/test.html
DNS Requests
  • stafftest.ru

download Try Sophos products for free
Download now