Skip to content
/ randomx-sniffer Public

Proof of concept tool to detect RandomX cryptojacking malware on Windows

License

CC0-1.0 license
50 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tevador/randomx-sniffer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
randomx-sniffer.sln
randomx-sniffer.sln
 
 

Repository files navigation

RandomX Sniffer

RandomX Sniffer is a proof of concept tool that can detect RandomX cryptojacking malware on Windows. RandomX Sniffer will detect any process running RandomX regardless of how it's coded or obfuscated. This is possible because the RandomX algorithm leaves a trace in the CPU registers that can be detected.

There are only 2 ways how malware can hide from being detected by this technique:

  1. by emulating floating point operations using integer math and losing >95% of performance in the process
  2. by modifying the operating system

Build

Build using Visual Studio 2019. Precompiled binaries are available on the Releases page.

License

The source code is released into the public domain under CC0.

Donations

Author's XMR address:

845xHUh5GvfHwc2R8DVJCE7BT2sd4YEcmjG8GNSdmeNsP5DTEjXd1CNgxTcjHjiFuthRHAoVEJjM7GyKzQKLJtbd56xbh7V

About

Proof of concept tool to detect RandomX cryptojacking malware on Windows

Resources

Readme

License

CC0-1.0 license
Activity

Stars

50 stars

Watchers

7 watching

Forks

8 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages