original cpu miner
SHA256: 935816b85da3a981377a8d2f29de33d70cdb3e999ea78094f3c1973b990911d6
File name: pooler-cpuminer-2.2.3-win64.zip
Detection ratio: 8 / 46
some results:
Kaspersky not-a-virus:RiskTool.Win32.BitCoinMiner.cnl
Ikarus not-a-virus:RiskTool.Win32.BitCoinMiner
downloaded from
http://sourceforge.net/projects/cpuminer/files/
Thread:
YACoin Windows 7 x64 miner [SSSE3 and AVX support]
https://bitcointalk.org/index.php?topic=201027.0
from mega link:
SHA256: f2d76e2df4c42254b2f62fd42bc748c538818c786bb86ae92b316b94eae79034
File name: minerd_scrypt_jane_x64_avx.exe
Detection ratio: 0 / 46
SHA256: 29c0636832bd50f5a5c61f85e88db13759745ecbfba9342c63fb0962d76d6aba
File name: file-5478923_exe
Detection ratio: 0 / 46
SHA256: b923e95d1173d0e35630553be0fe7dfbdd5e8f3b2f0d53a1eb0214576d316bc0
File name: jansson.dll
Detection ratio: 0 / 46
SHA256: 0e6af724609ef6846982ef717013426c359c455fff324e906d8d55c8bb88d16e
File name: pthreadVC2.DLL
Detection ratio: 0 / 46
[suspect exe] from this thread: [YAC] Antivirus friendly minerd for Windows
[suspect exe]
https://bitcointalk.org/index.php?topic=201050.0
SHA256: 0ffa2116bf1027019ad94e9bf8e2340be427d6efbc9563e185096cf8550b4c3a
File name: cpuminer-scrypt-jane-win32-themida.zip
Detection ratio: 15 / 46
still shows bitcoin miner
Ikarus Win32.BitCoinMiner
also many show Themida
and
VIPRE Backdoor.Win32.Ircbot.gen (v)
--
The original cpu miner may show up in VirusTotal as bitcoin miner etc. as it's being distributed in huge quantity via botnets for hidden mining; this doesn't mean the original exe is a virus or anything.
The suspect exe above could be the culprit for wallets being taken.