If you encounter a message indicating the presence of the Trojan:Win64/DisguisedXMRigMiner on your PC or if your computer is noticeably slow and causing you numerous frustrations, it is crucial to take action and scan your system for the Disguised XMRig Miner. I will now guide you on how to proceed with the scanning and cleaning process in an effective manner.
The majority of Disguised XMRig Miners are used to earn a profit on you. The criminals elaborate the range of dangerous programs to take your credit card information, online banking credentials, as well as various other facts for deceptive purposes.
Trojan:Win64/DisguisedXMRigMiner Summary
- Creates RWX memory;
- Reads data out of its own binary image;
- A process created a hidden window;
- Drops a binary and executes it;
- Unconventionial language used in binary resources: Russian;
- Creates an autorun.inf file;
- Uses Windows utilities for basic functionality;
- Installs itself for autorun at Windows startup;
- Network activity detected but not expressed in API logs;
- Attempts to disable Windows Defender;
- Anomalous binary characteristics;
- Ciphering the documents situated on the target’s disk drive — so the target can no more use the data;
- Preventing regular access to the target’s workstation;
| Name | Disguised XMRig Miner Trojan |
| Detection | Trojan:Win64/DisguisedXMRigMiner |
| Details | Disguised XMRig Miner is a crypto-mining Trojan that exploits CPU resources to earn Monero fractions. |
File details
File Info:
crc32: 15F14CBAmd5: ab919222dd0d6f41288927c1d28858e6name: AB919222DD0D6F41288927C1D28858E6.mlwsha1: a4feda8decee38edc3ac0d5d6126ff3edd5d2473sha256: 5f4a1fa430739084d87b73b8224632d77a496ceb7e28e7ce818c4599fa668a73sha512: b1cfb73b02654e7ae3ec48feb2497928791e8a209eb817181804538a70d24a41bd8a5d20c46f1b8ef7693cb39f5d9fece5ba78a0f88d02967b730334983235bassdeep: 49152:jXz+aBG91le7xhPTHWi/yoqkNerRSjVZYD6bLcGKdwxtVRGnoCwx:jXz+aBQ3e7xgi/yopeEj/Y+bLcGKQPRNtype: PE32 executable (GUI) Intel 80386, for MS WindowsVersion Info:
LegalCopyright: Office Setup FileDescription: Office Setup 1.0 Installation FileVersion: 1.0 Comments: CompanyName: Office Setup Translation: 0x0409 0x04e4
Trojan:Win64/DisguisedXMRigMiner also known as:
| GridinSoft | Trojan.XMRMiner |
| K7AntiVirus | Trojan ( 00560c521 ) |
| DrWeb | Tool.Nssm.6 |
| Cynet | Malicious (score: 99) |
| CAT-QuickHeal | Trojan.Win32 |
| ALYac | Trojan.Miner.DZ |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Miner.gen |
| CrowdStrike | win/malicious_confidence_60% (W) |
| Alibaba | Trojan:Win64/Miners.d33b97b1 |
| K7GW | Trojan ( 00560c521 ) |
| Cybereason | malicious.decee3 |
| Cyren | W64/Application.FTAD-2956 |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win64/CoinMiner.PO potentially unwanted |
| APEX | Malicious |
| Avast | Win64:CoinminerX-gen [Trj] |
| ClamAV | Win.Trojan.Miner-9843125-0 |
| Kaspersky | HEUR:Trojan.Win32.Miner.gen |
| BitDefender | Trojan.Miner.DZ |
| NANO-Antivirus | Trojan.Win64.Miner.iiogib |
| MicroWorld-eScan | Trojan.Miner.DZ |
| Tencent | Win32.Trojan.Miner.Lpbd |
| Ad-Aware | Trojan.Miner.DZ |
| Sophos | Generic PUA KE (PUA) |
| Comodo | ApplicUnwnt@#31tr98nuo1hwg |
| BitDefenderTheta | Gen:NN.ZelphiCO.34294.cnKfaehV8aci |
| VIPRE | Trojan.Win32.Generic!BT |
| TrendMicro | TROJ_GEN.R002C0WDJ21 |
| McAfee-GW-Edition | BehavesLike.Win32.BadFile.vc |
| FireEye | Generic.mg.ab919222dd0d6f41 |
| Emsisoft | Trojan.Miner.DZ (B) |
| SentinelOne | Static AI – Malicious PE |
| Jiangmin | Trojan.Miner.ouv |
| Webroot | W32.Trojan.Miner |
| Avira | HEUR/AGEN.1136970 |
| eGambit | Unsafe.AI_Score_99% |
| Antiy-AVL | Trojan/Generic.ASMalwS.315D6B9 |
| Microsoft | Trojan:Win64/DisguisedXMRigMiner |
| GData | Trojan.Miner.DZ |
| McAfee | Artemis!AB919222DD0D |
| MAX | malware (ai score=89) |
| VBA32 | Trojan.Miner |
| Malwarebytes | Malware.AI.1121623471 |
| Panda | Trj/CI.A |
| TrendMicro-HouseCall | TROJ_GEN.R002C0WDJ21 |
| Yandex | Trojan.Miner!yZ/k+zfelIw |
| Ikarus | Trojan.Win64.CoinMiner |
| MaxSecure | Trojan-Ransom.Win32.Crypmod.zfq |
| Fortinet | W32/CoinMiner.FQ!tr |
| AVG | Win64:CoinminerX-gen [Trj] |
| Paloalto | generic.ml |
Does your antivirus regularly report about the “Disguised XMRig Miner”?
If you have actually seen a message suggesting the “Trojan:Win64/DisguisedXMRigMiner found”, then it’s an item of good news! The pc virus “Trojan:Win64/DisguisedXMRigMiner” was identified and also, most likely, erased. Such messages do not suggest that there was an actually active Disguised XMRig Miner on your tool. You might have simply downloaded a data that contained Trojan:Win64/DisguisedXMRigMiner, so your antivirus software program instantly erased it prior to it was introduced and created the difficulties. Conversely, the malicious script on the infected site could have been spotted and also stopped before triggering any kind of problems.
Microsoft Defender: “Trojan:Win64/DisguisedXMRigMiner”
When your computer system displays the message “Trojan:Win64/DisguisedXMRigMiner Found,” it does not necessarily mean that the Disguised XMRig Miner has successfully achieved its objective. Instead, it indicates that you may have visited an infected webpage or downloaded a malicious file. It is advisable to avoid such situations in the future, but there is no need to panic excessively. You can take the following steps to gather more information and address the issue:
1. Open your antivirus program and check the detection log file for Trojan:Win64/DisguisedXMRigMiner. This log file will provide you with additional details about the specific Disguised XMRig Miner that was detected and the actions taken by your antivirus software.
2. If you are still unsure or want to be more thorough, perform a manual scan using your antivirus software. This will help in further identifying and addressing any potential threats.
How to scan for malware, spyware, ransomware, adware, and other threats.
If your computer is operating unusually slow, websites are opening in a strange manner, or you’re encountering unexpected advertisements, it is possible that your computer has been infected and a virus is actively causing these issues. Spyware can track your activities and redirect your search or home pages to undesired locations. Adware can infect your browser and even the entire Windows OS, while ransomware attempts to lock your system and extort a significant ransom for your own files.
How to scan your PC for Trojan:Win64/DisguisedXMRigMiner?
Use Safe Mode to fix the most complex Trojan:Win64/DisguisedXMRigMiner issues.
It’s not enough to simply use the antivirus for the safety and security of your device. You need to have an extra comprehensive antivirus solution. Not all malware can be detected by typical antivirus scanners that primarily look for virus-type hazards. Your system may be full of “junk”, for example, toolbars, internet browser plugins, dubious online search engines, bitcoin-miners, as well as other types of unwanted software used for generating income on your lack of experience. Beware while downloading and install software on the web to avoid your device from being filled with unwanted toolbars as well as various other junk data.
Leave a Comment