Coinminer.Linux.MALXMR.UWEKM
Linux
Malware-Typ:
Coinminer
Zerstrerisch?:
Nein
Verschlsselt?:
Ja
In the wild::
Ja
Überblick
It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Wird möglicherweise von anderer Malware von Remote-Sites heruntergeladen:
Technische Details
Übertragungsdetails
It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Wird möglicherweise von der folgender Malware von Remote-Sites heruntergeladen:
Andere Details
Für ihre ordnungsgemäße Ausführung sind die folgenden zusätzlichen Komponenten erforderlich:
- {Coinminer Directory}\config.json
Es macht Folgendes:
- It accepts the following Parameters:
- -o, --url=URL URL of mining server
- -a, --algo=ALGO mining algorithm https://xmrig.com/docs/algorithms
- --coin=COIN specify coin instead of algorithm
- -u, --user=USERNAME username for mining server
- -p, --pass=PASSWORD password for mining server
- -O, --userpass=U:P username:password pair for mining server
- -x, --proxy=HOST:PORT connect through a SOCKS5 proxy
- -k, --keepalive send keepalived packet for prevent timeout (needs pool support)
- --nicehash enable nicehash.com support
- --rig-id=ID rig identifier for pool-side statistics (needs pool support)
- --daemon use daemon RPC instead of pool for solo mining
- --daemon-poll-interval=N daemon poll interval in milliseconds (default: 1000)
- --self-select=URL self-select block templates from URL
- -r, --retries=N number of times to retry before switch to backup server (default: 5)
- -R, --retry-pause=N time to pause between retries (default: 5)
- --user-agent set custom user-agent string for pool
- --donate-level=N donate level, default 5%% (5 minutes in 100 minutes)
- --donate-over-proxy=N control donate over xmrig-proxy feature
- --no-cpu disable CPU mining backend
- -t, --threads=N number of CPU threads
- -v, --av=N algorithm variation, 0 auto select
- --cpu-affinity set process affinity to CPU core(s), mask 0x3 for cores 0 and 1
- --cpu-priority set process priority (0 idle, 2 normal to 5 highest)
- --cpu-max-threads-hint=N maximum CPU threads count (in percentage) hint for autoconfig
- --cpu-memory-pool=N number of 2 MB pages for persistent memory pool, -1 (auto), 0 (disable)
- --cpu-no-yield prefer maximum hashrate rather than system response/stability
- --no-huge-pages disable huge pages support
- --asm=ASM ASM optimizations, possible values: auto, none, intel, ryzen, bulldozer
- --randomx-init=N threads count to initialize RandomX dataset
- --randomx-no-numa disable NUMA support for RandomX
- --randomx-mode=MODE RandomX mode: auto, fast, light
- --randomx-1gb-pages use 1GB hugepages for dataset (Linux only)
- --randomx-wrmsr=N write custom value (0-15) to Intel MSR register 0x1a4 or disable MSR mod (-1)
- --randomx-no-rdmsr disable reverting initial MSR values on exit
- --api-worker-id=ID custom worker-id for API
- --api-id=ID custom instance ID for API
- --http-host=HOST bind host for HTTP API (default: 127.0.0.1)
- --http-port=N bind port for HTTP API
- --http-access-token=T access token for HTTP API
- --http-no-restricted enable full remote access to HTTP API (only if access token set)
- --opencl enable OpenCL mining backend
- --opencl-devices=N comma separated list of OpenCL devices to use
- --opencl-platform=N OpenCL platform index or name
- --opencl-loader=PATH path to OpenCL-ICD-Loader (OpenCL.dll or libOpenCL.so)
- --opencl-no-cache disable OpenCL cache
- --print-platforms print available OpenCL platforms and exit
- --cuda enable CUDA mining backend
- --cuda-loader=PATH path to CUDA plugin (xmrig-cuda.dll or libxmrig-cuda.so)
- --cuda-devices=N comma separated list of CUDA devices to use
- --cuda-bfactor-hint=N bfactor hint for autoconfig (0-12)
- --cuda-bsleep-hint=N bsleep hint for autoconfig
- --no-nvml disable NVML (NVIDIA Management Library) support
- -S, --syslog use system log for output messages
- -l, --log-file=FILE log all output to a file
- --print-time=N print hashrate report every N seconds
- --health-print-time=N print health report every N seconds
- --no-color disable colored output
- --verbose verbose output
- -c, --config=FILE load a JSON-format configuration file
- -B, --background run the miner in the background
- -V, --version output version information and exit
- -h, --help display this help and exit
- --dry-run test configuration and exit
- Supported algorithm options:
- cryptonight/0
- cryptonight
- cryptonight/1
- cryptonight/2
- cryptonight-monerov7
- cryptonight-monerov8
- cryptonight/r
- cryptonight/fast
- cryptonight/msr
- cryptonight/half
- cryptonight/xao
- cryptonight_alloy,
- cryptonight/rto
- cryptonight/rwz
- cryptonight/zls
- cryptonight/double
- cryptonight/gpu
- cryptonight-lite/0
- cryptonight-lite/1
- cryptonight-lite
- cryptonight-light
- cryptonight_lite
- cryptonight-aeonv7
- cryptonight_lite_v7
- cryptonight-heavy/0
- cryptonight-heavy
- cryptonight_heavy
- cryptonight-heavy/xhv
- cryptonight_haven
- cryptonight-heavy/tube
- cryptonight-bittube2
- cryptonight-pico
- cryptonight-pico/trtl
- cryptonight-turtle
- cryptonight-ultralite
- cryptonight_turtle
- randomx/test
- RandomX
- RandomWOW
- RandomXL
- randomx/arq
- RandomARQ
- randomx/loki
- randomx/wow
- randomx/0
- RandomSFX
- argon2/chukwa
- argon2/wrkz
- astrobowt/dero
- Supported coin options:
- monero
- arqma
Lösungen
Step 1
Durchsuchen Sie Ihren Computer mit Ihrem Trend Micro Produkt, und löschen Sie Dateien, die als Coinminer.Linux.MALXMR.UWEKM entdeckt werden. Falls die entdeckten Dateien bereits von Ihrem Trend Micro Produkt gesäubert, gelöscht oder in Quarantäne verschoben wurden, sind keine weiteren Schritte erforderlich. Dateien in Quarantäne können einfach gelöscht werden. Auf dieser Knowledge-Base-Seite finden Sie weitere Informationen.
Step 2
Malware-Dateien entfernen, die hinterlassen/heruntergeladen wurden von Coinminer.Linux.MALXMR.UWEKM
Nehmen Sie an unserer Umfrage teil