HKTL_COINMINE.GQ

This Hacking Tool may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from remote sites.

It does not have any propagation routine.

It does not have any backdoor routine.

It requires being executed with a specific argument/parameter, an additional component, or in a specific environment in order to proceed with its intended routine.

Arrival Details

This Hacking Tool may arrive bundled with malware packages as a malware component.

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It may be downloaded by the following malware/grayware from remote sites:

• HKTL_COINMINE.GN

Propagation

This Hacking Tool does not have any propagation routine.

Backdoor Routine

This Hacking Tool does not have any backdoor routine.

Other Details

This Hacking Tool does the following:

• This hacking tool is a coin miner used to generate bitcoins and it requires credentials for the mining server.
• The mining process eats up a system's computing power. As such, infected systems sustain increased wear and tear from processing coin blocks and the infected systems will work abnormally slow.
• It accepts the following parameters:
  • --help → This message.
  • -c [ --config ] arg → Name of configuration file. Multiple configuration files allowed.
  • --compat-check arg → Exit right after compatibility checks with provided return code.
  • -t [ --threads ] arg → The number of threads for mining (default is to autodetect), when t<=0 use autodetect+t threads.
  • -M [ --mine ] arg → Mining target in YAM URI format (protocol, worker name, password, pool address, pool ports, coin type, mining parameters). Multiple mining targets allowed.
  • -P [ --mining-params ] arg → Mining parameters in parameter list format (coin:param1=value1¶m2=value2¶m3=value3. Multiple parameter groups allowed.
  • -W [ --worker-params ] arg → Worker parameters in parameter list format (worker_index:param1=value1¶m2=value2¶m3=value3. Multiple parameter groups allowed.
  • --compact-stats arg → Enable compact statistics output (uses less screen space).
  • --print-timestamps arg → Enable printing timestamps for every output line.
  • --proxy arg → Proxy server to use in format type://user:password@host:port (check documentation for supported proxy types and usage details).

It requires being executed with a specific argument/parameter, an additional component, or in a specific environment in order to proceed with its intended routine.