HSRMINER Neoscrypt Fork by Justaminer - High Hashrate, API, all GPUs supported! - page 26.

nizzuu

full member

Activity: 187

Merit: 100

Cryptocurrency enthusiast

Quote from: Just_a_miner on January 16, 2018, 11:55:06 AM

2) You run it on farm rig. What a farm rig looks like? It's a computer with minimal software installed, usually it's windows, some gpu monitoring/tweaking software like MSI Afterburner and alike, and miner-software. Rig owners doesn't store anything valuable there and also have some acronis/etc backup of whole ssd/hdd from that rig and can restore it in 10 minutes.

Is it going to steal your wallets/passwords/etc? See 1) and 2).

Nothing personal here, and I'm not gonna judge you for something rather than thank for this miner. Butttt... You're wrong here. At least half of newbie miners have 1-2 cards, which may even (ouuuch!) put w/o risers into closed standard midi-tower case. And that's the only PC they got. So, gaming daily, sleeping+mining nightly. Are you sure they got backups and lack personal data on their drives? So why are you surprised that someone got bored when he saw "blah-blah-WannaCry" associated to your file, bro? Wink

That's normal, they don't wanna cry. Uh oh, yeah you can use sandboxie and/or other techniques to isolate suspicious executable, but u need some skill for that.

Cryp2bit

newbie

Activity: 12

Merit: 0

Quote from: Just_a_miner on January 16, 2018, 08:29:13 AM

Quote from: Cryp2bit on January 16, 2018, 06:15:18 AM

Danger.. but i risked Grin

ran it on small rig with 2 gpus so no much to lose if something bad happens - just windows install and miner lol

Seems to be working though:

https://i.imgur.com/e9g6LD9.png

i think i'll check it for several hours..

I'm glad you gave it a try, please also check -r option, I need some feedbacks. I can probably add some other options we were using in ccminer, just give me a hint which one you need.

okay ,this fork works fine atleast for 1 day that i've tried it. I was mining at zpool.ca with conversion to btc.Results are little better than with original version but hard to say for sure because it vary everyday anyway. What i really like is new option ,it let me use .cmd file with backup pools in loop. Thank a lot for that!

cryptominer420

sr. member

Activity: 450

Merit: 255

Want to add a feature get a ccminer style api into it so we can add it to mining managers easily.

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: Sayman_nsk on January 16, 2018, 09:44:01 AM

Nice try, TS Cheesy

your file is protected (masked) by vmprotect 3.0.x (like denuvo protection). any AV can`t detect any virus if it protected by vm. share not protected file and we will see, good work or scam.

1) It's not a cryptowallet. It's not a password manager. It's not a browser. It's a miner. Its purpose is to mine neoscrypt-based coins.

2) You run it on farm rig. What a farm rig looks like? It's a computer with minimal software installed, usually it's windows, some gpu monitoring/tweaking software like MSI Afterburner and alike, and miner-software. Rig owners doesn't store anything valuable there and also have some acronis/etc backup of whole ssd/hdd from that rig and can restore it in 10 minutes.

Tell me please what are you waiting from this miner? What's so terrible gonna happen? Is it going to encrypt whole farming rig's hdd and ask you for bitcoins? Grin

See 1) and 2).

Is it going to steal your wallets/passwords/etc? See 1) and 2).

You can also easily check this software main purpose - point it to some pool and see that it actually mines there. Run it for 24 hours, compare results with software you are using, check new option and tell me what other options from ccminer do you need? If you have any doubts - block miner's access in firewall to anything except pool you are going to mine to.

NetopyrMan

member

Activity: 144

Merit: 10

Sayman_nsk

full member

Activity: 237

Merit: 100

Quote from: Just_a_miner on January 16, 2018, 11:31:04 AM

Quote from: santan on January 16, 2018, 09:30:13 AM

It's not so easy to add extra options in a executable unless you redirecting to a code cave.... and so you don't want us to look inside .......VMP....

Palgin will be mad at you.

You should remember that hsrminer is heavily based on ccminer, so a lot of code is already there, you just need to find ways to enable it. It's not extra hard, but also is not so easy. That's the second reason I use vmp - to keep those ways private.

what's private? all who is need, download original file, depack it and disable devfee. palgin sad, hsr is use new core for neoscrypt. I trust palgin. original file not protected by vm. but your file protected and it may have some bad code (like remote port bug in claymore`s miner). no, not interesting use this "miner". share not protected file. this is not your intellectual property for protecting it.
это смешно. палгин написал новое ядро под алгоритм. выложил явно не зашифрованный файл. все всё видят. кому нужно давно там выкасили девфи сами. а ты взял чужой труд, прикинул туда свой код (явно не с добрыми намереньями) и зашифровал это всё, выдавая за свой приватный майнер. что там приватного? продукт то не твой, ты не автор этого майнера, чтобы протектить его. давай открытый файл, хорош жульничать.

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: santan on January 16, 2018, 09:30:13 AM

It's not so easy to add extra options in a executable unless you redirecting to a code cave.... and so you don't want us to look inside .......VMP....

Palgin will be mad at you.

You should remember that hsrminer is heavily based on ccminer, so a lot of code is already there, you just need to find ways to enable it. It's not extra hard, but also is not so easy. That's the second reason I use vmp - to keep those ways private.

Sayman_nsk

full member

Activity: 237

Merit: 100

Nice try, TS Cheesy

your file is protected (masked) by vmprotect 3.0.x (like denuvo protection). any AV can`t detect any virus if it protected by vm. share not protected file and we will see, good work or scam.

santan

member

Activity: 102

Merit: 11

It's not so easy to add extra options in a executable unless you redirecting to a code cave.... and so you don't want us to look inside .......VMP....

Palgin will be mad at you.

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: ol92 on January 16, 2018, 08:08:53 AM

Quote from: sekacakes on January 16, 2018, 07:52:25 AM

Quote from: Just_a_miner on January 16, 2018, 07:41:32 AM

Quote from: pupkinv on January 16, 2018, 06:08:19 AM

https://www.virustotal.com/#/file/4992661665e1dfcc8a28d5589484db49ea5f51a20b55d84a233a9cc2fc655e2f/detection

Check virustotal report for original hsrminer_neoscrypt.exe :

https://www.virustotal.com/#/file/8947d773886cce727a8e7be8d69e5e372163116cac4bd87568cb996f757d420a/detection

AegisLab - Troj.Gen!c
CAT-QuickHeal - Trojan.IGENERIC
K7GW - Unwanted-Program ( 004bf0771 )
McAfee-GW-Edition - BehavesLike.Win64.Downloader.vc
TrendMicro-HouseCall - Suspicious_GEN.F47V0103
McAfee - Artemis!B5DF5A71499C
K7AntiVirus - Unwanted-Program ( 004bf0771 )
Symantec - Trojan.Gen.9

Scary, isn't it?

Makes it awfully suspicious how this program goes masked and unflagged as a mining software, despite the original being flagged red all over.

The first warning : BehavesLike.Win64.RansomWannaCry is particulary worrisome since the original didn't have this one and it shouldn't be relative to mining software.

As you can see I've shown only those AV reports of original file that aren't relative to mining software

But you know it's a miner. It was packed by some generic packer that was easy to unpack for AVs, so they see it's a miner, but many of AVs didn't like behavior of packer so you get 7 warnings that aren't relative to mining software.

My file is packed with same packer that is used by Claymore to pack his "Claymore's Dual Ethereum + Decred/Siacoin/Lbry/Pascal AMD+NVIDIA GPU Miner", and you can see that he gets some AV reports too due to that packer, you can read his readme!!!.txt inside archive.

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: Cryp2bit on January 16, 2018, 06:15:18 AM

Danger.. but i risked Grin

ran it on small rig with 2 gpus so no much to lose if something bad happens - just windows install and miner lol

Seems to be working though:

i think i'll check it for several hours..

I'm glad you gave it a try, please also check -r option, I need some feedbacks. I can probably add some other options we were using in ccminer, just give me a hint which one you need.

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: sekacakes on January 16, 2018, 07:52:25 AM

Makes it awfully suspicious how this program goes masked and unflagged as a mining software, despite the original being flagged red all over.

Original hsrminer_neoscript.exe file was constantly deleted by my AV, so after I've finished my work on it I had to pack it before upload, otherwise you would have same troubles and would tell me that I'm trying to give you a virus - and it would be bad for my donations Cheesy

If you think that it's not a miner, just give it a try on some farm rig without sensitive data like crypto wallets, etc. You will see that it's actually hsrminer_neoscrypt, it mines, but it doesn't have devfee now and there is -r option that works, I even added it to --help section.

You can check -r option, block hsrminer_neoscrypt_fork.exe in the firewall and let it run with -r 1 for example - you will see that after 1 connection attempt and 10 sec timeout miner will exit. If you set -r 0 - miner will exit immediately.

ol92

sr. member

Activity: 445

Merit: 255

Quote from: sekacakes on January 16, 2018, 07:52:25 AM

Quote from: Just_a_miner on January 16, 2018, 07:41:32 AM

Quote from: pupkinv on January 16, 2018, 06:08:19 AM

https://www.virustotal.com/#/file/4992661665e1dfcc8a28d5589484db49ea5f51a20b55d84a233a9cc2fc655e2f/detection

Check virustotal report for original hsrminer_neoscrypt.exe :

https://www.virustotal.com/#/file/8947d773886cce727a8e7be8d69e5e372163116cac4bd87568cb996f757d420a/detection

AegisLab - Troj.Gen!c
CAT-QuickHeal - Trojan.IGENERIC
K7GW - Unwanted-Program ( 004bf0771 )
McAfee-GW-Edition - BehavesLike.Win64.Downloader.vc
TrendMicro-HouseCall - Suspicious_GEN.F47V0103
McAfee - Artemis!B5DF5A71499C
K7AntiVirus - Unwanted-Program ( 004bf0771 )
Symantec - Trojan.Gen.9

Scary, isn't it?

Makes it awfully suspicious how this program goes masked and unflagged as a mining software, despite the original being flagged red all over.

The first warning : BehavesLike.Win64.RansomWannaCry is particulary worrisome since the original didn't have this one and it shouldn't be relative to mining software.

sekacakes

newbie

Activity: 5

Merit: 0

Quote from: Just_a_miner on January 16, 2018, 07:41:32 AM

Quote from: pupkinv on January 16, 2018, 06:08:19 AM

https://www.virustotal.com/#/file/4992661665e1dfcc8a28d5589484db49ea5f51a20b55d84a233a9cc2fc655e2f/detection

Check virustotal report for original hsrminer_neoscrypt.exe :

https://www.virustotal.com/#/file/8947d773886cce727a8e7be8d69e5e372163116cac4bd87568cb996f757d420a/detection

AegisLab - Troj.Gen!c
CAT-QuickHeal - Trojan.IGENERIC
K7GW - Unwanted-Program ( 004bf0771 )
McAfee-GW-Edition - BehavesLike.Win64.Downloader.vc
TrendMicro-HouseCall - Suspicious_GEN.F47V0103
McAfee - Artemis!B5DF5A71499C
K7AntiVirus - Unwanted-Program ( 004bf0771 )
Symantec - Trojan.Gen.9

Scary, isn't it?

Makes it awfully suspicious how this program goes masked and unflagged as a mining software, despite the original being flagged red all over.

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: pupkinv on January 16, 2018, 06:08:19 AM

https://www.virustotal.com/#/file/4992661665e1dfcc8a28d5589484db49ea5f51a20b55d84a233a9cc2fc655e2f/detection

Check virustotal report for original hsrminer_neoscrypt.exe :

https://www.virustotal.com/#/file/8947d773886cce727a8e7be8d69e5e372163116cac4bd87568cb996f757d420a/detection

AegisLab - Troj.Gen!c
CAT-QuickHeal - Trojan.IGENERIC
K7GW - Unwanted-Program ( 004bf0771 )
McAfee-GW-Edition - BehavesLike.Win64.Downloader.vc
TrendMicro-HouseCall - Suspicious_GEN.F47V0103
McAfee - Artemis!B5DF5A71499C
K7AntiVirus - Unwanted-Program ( 004bf0771 )
Symantec - Trojan.Gen.9

Scary, isn't it?

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: doktor83 on January 16, 2018, 05:31:12 AM

You actually added new functionality to a software by hex editing and stuff ? Grin

For real man ? Grin

Yes. It's called software reverse engineering.

Guys, what option should I add next?

Just_a_miner

jr. member

Activity: 325

Merit: 2

Quote from: ekze on January 16, 2018, 05:40:00 AM

What is the default reconnect value? Can we set it to -1 to reconnect indefinitely?

Default value is already -1, so if you don't use -r option at all, miner will reconnect indefinitely.

Cryp2bit

newbie

Activity: 12

Merit: 0

Danger.. but i risked Grin

ran it on small rig with 2 gpus so no much to lose if something bad happens - just windows install and miner lol

Seems to be working though:

https://i.imgur.com/e9g6LD9.png

i think i'll check it for several hours..

pupkinv

newbie

Activity: 11

Merit: 0

https://www.virustotal.com/#/file/4992661665e1dfcc8a28d5589484db49ea5f51a20b55d84a233a9cc2fc655e2f/detection

promomei

sr. member

Activity: 399

Merit: 254

Crazy dangerous staff
watch out Grin

Topic: HSRMINER Neoscrypt Fork by Justaminer - High Hashrate, API, all GPUs supported! - page 26. (Read 13383 times)