Analysis by: Cris Nowell Pantanilla
 ALIASES:

not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.e (Kaspersky)

 PLATFORM:

Linux

 OVERALL RISK RATING:
 REPORTED INFECTION:

  • Threat Type: Potentially Unwanted Application

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user.

This is the Trend Micro detection for files that exhibit certain behaviors.

  TECHNICAL DETAILS

Tipo de compactação: 3,938,712 bytes
Tipo de arquivo: ELF
Residente na memória: No
Data de recebimento das amostras iniciais: 06 Dec 2016

Arrival Details

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It may be manually installed by a user.

Other Details

This is the Trend Micro detection for:

  • Applications used to generate Bitcoins on the affected machine. The mining process eats up a system's computing power. As such, infected systems sustain increased wear and tear from processing coin blocks and the infected systems will work abnormally slow.

  SOLUTION

Mecanismo de varredura mínima: 9.850
Primeiro arquivo padrão VSAPI: 12.942.5
Data do lançamento do primeiro padrão VSAPI: 06 Dec 2016
VSAPI OPR Pattern Version: 12.943.00
VSAPI OPR Pattern veröffentlicht am: 07 Dec 2016

Scan your computer with your Trend Micro product to delete files detected as PUA_CoinMiner. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.


Did this description help? Tell us how we did.