HDDefrag.exe – Bitcoin miner malware – Part 2

Yesterday I wrote about a bitcoin miner using the mpchc64.exe filename. Today I found that it may also name itself HDDefrag.exe.

The anti-virus scanners are also catching up on the detections:

  • Avast Win32:BitCoinMiner-CA [Trj]
  • Kingsoft Win32.Troj.Agent.t.(kcloud) 20130829
  • Ikarus Win32.SuspectCrc
  • Commtouch W32/Trojan.RRSQ-7064
  • Fortinet W32/BitCoinMiner.K
  • Comodo UnclassifiedMalware
  • Kaspersky UDS:DangerousObject.Multi.Generic
  • Jiangmin TrojanDownloader.Agent.fafk 20130903
  • VIPRE Trojan.Win32.Generic!BT
  • Baidu-International Trojan.Win32.Agent.peo
  • Emsisoft Trojan.Generic.9507773 (B)
  • BitDefender Trojan.Generic.9507773
  • GData Trojan.Generic.9507773
  • DrWeb Trojan.BtcMine.84
  • TrendMicro TROJ_GEN.R0CBC0PFA13
  • TrendMicro-HouseCall TROJ_GEN.R02KB01H313
  • Panda Trj/CI.A
  • AntiVir TR/Kazy.161126.1
  • Norman Suspicious_Gen5.TMSU
  • PCTools SecurityRisk.Bitcoinminer
  • Agnitum Riskware.BitCoinMiner!5z1skH8aZKk
  • K7AntiVirus Riskware
  • K7GW Riskware
  • McAfee RDN/Generic.tfr!de
  • McAfee-GW-Edition RDN/Generic.tfr!de
  • Symantec Bitcoinminer
  • ESET-NOD32 a variant of Win32/BitCoinMiner.K

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s