Skip to content
Proof of concept tool to detect RandomX cryptojacking malware on Windows
C++ Batchfile
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
src Add a batch file for easier testing Nov 30, 2019
.gitignore Initial commit Nov 29, 2019
LICENSE Initial commit Nov 29, 2019 Update readme Nov 29, 2019
randomx-sniffer.sln Initial commit Nov 29, 2019

RandomX Sniffer

RandomX Sniffer is a proof of concept tool that can detect RandomX cryptojacking malware on Windows. RandomX Sniffer will detect any process running RandomX regardless of how it's coded or obfuscated. This is possible because the RandomX algorithm leaves a trace in the CPU registers that can be detected.

There are only 2 ways how malware can hide from being detected by this technique:

  1. by emulating floating point operations using integer math and losing >95% of performance in the process
  2. by modifying the operating system


Build using Visual Studio 2019. Precompiled binaries are available on the Releases page.


The source code is released into the public domain under CC0.


Author's XMR address:

You can’t perform that action at this time.