BAT_COINMINE.EI
Trojan:BAT/CoinMiner.B (Microsoft)
Windows
![](/vinfo/imgFiles/legend.jpg)
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It requires its main component to successfully perform its intended routine.
TECHNICAL DETAILS
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Installation
This Trojan drops the following files:
- %Windows%\Tasks\gm
(Note: %Windows% is the Windows folder, where it usually is C:\Windows on all Windows operating system versions.)
Other System Modifications
This Trojan deletes the following files:
- %Windows%\Tasks\cell
(Note: %Windows% is the Windows folder, where it usually is C:\Windows on all Windows operating system versions.)
Other Details
This Trojan requires its main component to successfully perform its intended routine.
It does the following:
- It executes the following command:
- mstdc.exe -m -u bond007.01 -p x -t %NUMBER_OF_PROCESSORS%
- mstdc.exe -m -u bond007.01 -p x -t %NUMBER_OF_PROCESSORS% -gpu