ATTENTION !!!
TROJAN DETECTED!!!
IMMEDIATELY AFTER YOU RUN .EXE FILE ANOTHER FILE NAMED 'Interpeter.exe' CREATED HERE 'C:\Users\*****\Documents\IISExpress\Bypass\
https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detection
AND CREATE
Backdoor.Agent.Generic, C:\USERS\*****\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEMHOST.URL
[InternetShortcut]
C:\Users\*****\Documents\IISExpress\Bypass\Interpeter.exe
IconIndex=0
IconFile=C:/Users/*****/Documents/IISExpress/Bypass/Interpeter.exe
[02.10 00:00:30] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 open through
[02.10 00:00:35] Interpeter.exe - np.shandow.ru:443 open through
[02.10 00:00:36] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 close, 570 bytes sent, 39429 bytes (38.5 KB) received, lifetime 00:06
[02.10 00:00:39] Interpeter.exe - np.shandow.ru:443 close, 356 bytes sent, 314965 bytes (307 KB) received, lifetime 00:04
Interpeter.exe immediately establish connection with np.shandow.ru:443 and start to download malicious software.
maybe it just downloads additional files for chosen algorithms...I admit size of miner looks suspiciously small for number of algorithms
and cards supported. I doubt author would risk hero account for such lame attempt
2 hidden in system folders files created after you start main file.
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Crypt.gen
ESET-NOD32 A Variant Of MSIL/TrojanDownloader.Agen
Kaspersky HEUR:Trojan.MSIL.Crypt.gen
AVG FileRepMalware
etc...
This is not false positive.
And there is no "additional files for chosen algorithms" here np.shandow.ru
No folders, all the more hidden miner does not create, maybe you are confusing something.