A forum for reverse engineering, OS internals and malware analysis
ikolor wrote: Thank you
Probably a miner
https://www.virustotal.com/en/file/653c ... 499973679/
xmr.pool.minergate.com:45560
testfilatovmarafon@gmail.com
markusg wrote: Another miner spread around for some weeks
SHA-256: 8cd0e931d1de457839fe074ee0819dee78fcd61e1983ea80c7bd7b16f696eb80
File name: ExtremeHack.exe
https://www.virustotal.com/#/file/8cd0e ... /detection
ftp://progerman:ivivad9x@82.202.231.21
{
    "algo": "cryptonight", // cryptonight (default) or cryptonight-lite
    "av": 0, // algorithm variation, 0 auto select
    "background": false, // true to run the miner in the background
    "colors": true, // false to disable colored output
    "cpu-affinity": null, // set process affinity to CPU core(s), mask "0x3" for cores 0 and 1
    "cpu-priority": 1, // set process priority (0 idle, 2 normal to 5 highest)
    "donate-level": 1, // donate level, mininum 1%
    "log-file": null, // log all output to a file, example: "c:/some/path/xmrig.log"
    "max-cpu-usage": 30, // maximum CPU usage for automatic mode, usually limiting factor is CPU cache not this option.
    "print-time": 60, // print hashrate report every N seconds
    "retries": 5, // number of times to retry before switch to backup server
    "retry-pause": 5, // time to pause between retries
    "safe": false, // true to safe adjust threads and av settings for current CPU
    "threads": 1, // number of miner threads
    "pools": [
        {
            "url": "progerman.ru:90", // URL of mining server
            "user": "cpu", // username for mining server
            "pass": "cpu", // password for mining server
            "keepalive": true, // send keepalived for prevent timeout (need pool support)
            "nicehash": true // enable nicehash/xmrig-proxy support
        }
    ],
    "api": {
        "port": 0, // port for the miner API https://github.com/xmrig/xmrig/wiki/API
        "access-token": null, // access token for API
        "worker-id": null // custom worker-id for API
    }
}
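For triage, the pool endpoint can be pulled out of a dropped config like the one above. This is an added example and not part of the original post: the config carries // comments, so it is not valid JSON until they are stripped, and the comments themselves contain quotes and a URL. SAMPLE is a trimmed copy of the posted config; the function names are hypothetical.

```python
import json

# Trimmed copy of the config posted above (values unchanged, most keys omitted).
SAMPLE = r'''{
"log-file": null, // log all output to a file, example: "c:/some/path/xmrig.log"
"pools": [
{
"url": "progerman.ru:90", // URL of mining server
"user": "cpu", // username for mining server
"nicehash": true // enable nicehash/xmrig-proxy support
}
],
"api": {
"port": 0 // port for the miner API https://github.com/xmrig/xmrig/wiki/API
}
}'''

def strip_line_comments(text):
    """Drop // comments, leaving any // that occurs inside a JSON string alone."""
    out, in_str, i = [], False, 0
    while i < len(text):
        ch = text[i]
        if in_str:
            out.append(ch)
            if ch == "\\" and i + 1 < len(text):   # keep the escaped char, e.g. \"
                out.append(text[i + 1])
                i += 1
            elif ch == '"':
                in_str = False
        elif text.startswith("//", i):
            while i < len(text) and text[i] != "\n":
                i += 1
            continue                               # the newline is emitted on the next pass
        else:
            in_str = ch == '"'
            out.append(ch)
        i += 1
    return "".join(out)

def pool_indicators(config_text):
    """Return (host, port, user) for each pool entry in a commented config."""
    cfg = json.loads(strip_line_comments(config_text))
    found = []
    for pool in cfg.get("pools", []):
        endpoint = pool.get("url", "").split("://", 1)[-1]   # drop an optional scheme
        host, _, port = endpoint.rpartition(":")
        found.append((host or endpoint, int(port) if port.isdigit() else None, pool.get("user")))
    return found
```

pool_indicators(SAMPLE) yields the host, port and user from the posted config, which can be matched against DNS and proxy logs.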