Trojan.Coinminer.BR
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
- Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
- Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
- Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 8,890 |
|---|---|
| Threat Level: | 80 % (High) |
| Infected Computers: | 84 |
| First Seen: | July 11, 2024 |
| Last Seen: | January 28, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Trojan.Coinminer.BR |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File is 64-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.
| Name | Value |
|---|---|
| Company Name | ScientificUpdater |
| File Description | ScientificUpdater |
| File Version | 1.0 |
| Internal Name | ScientificUpdater |
| Legal Copyright | Copyright (c) ScientificUpdater |
| Original Filename | ScientificUpdater |
| Product Name | ScientificUpdater |
| Product Version | 1.0 |
File Traits
- No Version Info
- x64
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.
| Total Blocks: | 6 |
|---|---|
| Potentially Malicious Blocks: | 6 |
| Whitelisted Blocks: | 0 |
| Unknown Blocks: | 0 |
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.
- Coinminer.BR
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.
| Category | API |
|---|---|
| Syscall Use | |