J
J
Jau2021-04-21 13:18:41
Malware
Jau, 2021-04-21 13:18:41

Xmrig.exe: Miner or system service?

xmrig.exe is a system service, or a miner? According to the logs of 360 T / S, I received such information when checking it for viruses. I am confused by "Win64/Miner.BitMiner.H8oAPtcA" and "C:\Users\Admin\AppData\Roaming\Microsoft Security\xmrig.exe". It seems to be a miner, but it seems to be in Microsoft Security. Checking in Virus Total showed a more open result, here is the link: [ https://www.virustotal.com/gui/file/ebf9acca47a2ac... ]. Delete or leave?

Type:
Win64/Miner.BitMiner.H8oAPtcA

Group:
System Boot Check Engine

:
Cloud Scanner 360

File Path:
C:\Users\Admin\AppData\Roaming\Microsoft Security\xmrig.exe

File Size:
4.35M (4,557,312 Bytes)

File Version :
1.0.0

File description:
Antimalware Service Executable

MD5:
7ec93e8fa8a19cfc23b4bf34aec0a9c6 Registry

path:
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Registry name:
Runtime Broker.exe Registry

value:
C:\Users\Admin\AppData\Roaming\Microsoft Security \ xmrig.exe --url = xmr-eu1.nanopool.org: 14444 --background --cpu-priority = 5 --keepalive --coin = monero --user = 43HcUvJDn5i49b4bGtC9aj5Z7iTYHCSPrBHo22x8pNK5XGkbtje5MaxWdJZRFoLxcWUqMZf9G8iS4XMWTPfZGzCiQ5d4ETa --cpu -max-threads-hint = 50 --donate-level=1 --retries=25 --max-cpu-usage=50

Suggestion:
Disabled since launch、Quaranteed files

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Alexander Bondar, 2021-04-21
@Jau

This is a miner designed to mine the Monero cryptocurrency.
If you yourself have not installed any software for mining the Monero cryptocurrency, I recommend deleting this miner.
There are removal instructions on Google.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question