What You Need to Know About the Other Corona Virus: Corona-virus-map.com.exe

Coronavirus com exe virus
Quick PC Scan

Special offer. See more information about Outbyte and uninstall instructions. Please review EULA and Privacy Policy.

Download Outbyte PC Repair to solve dozens of system issues and fix corrupted elements.

As more and more people are getting infected with the Covid-19 virus around the world, cybercriminals are taking advantage of the chaos to infect users with the Corona-virus-map.com.exe. This malware exploits the current Covid-19 outbreak by trying to pose as an information source and case tracker of the epidemic around the world.

What is the Corona-virus-map.com.exe?

Corona-virus-map.com.exe, also known as the Corona Map virus, is a new Trojan that is circulating around the internet today. It runs in the background of the Windows system, and can only be discovered when you check the running processes under Task Manager. When you see this file running on your computer, it means that your system has been invaded by the AZORult virus, a banking Trojan that was first spotted in 2016.

The cybercriminals behind this Corona-virus-map.com.exe virus are taking advantage of the worldwide panic caused by the Covid-19 pandemic, which has now infected almost 700,000 people around the world, killing more than 30000. Because of this global emergency, people are looking for more information about the crisis, particularly the places that are hardly hit by the virus.

This is where Corona-virus-map.com comes into play. This website supposedly offers a map that tracks the cases of all the Coronavirus infections all over the world. When the users go to this website, the malware gets downloaded to their website and collects the sensitive information from the infected computer.

Expert Tip: For smoother PC performance, consider using a PC optimization tool. It handles junk files, incorrect settings, and harmful apps. Make sure it's right for your system, and always check the EULA and Privacy Policy.

Free Scan for PC Issues
Compatible with: Windows 10/11, Windows 7, Windows 8

Special offer. About Outbyte, uninstall instructions, EULA, Privacy Policy.

What Does Corona-virus-map.com.exe Do?

When you go to the www.corona-virus-map.com website, you’ll find it hard to notice that the website is malicious. Is Corona-virus-map.com.exe a malicious file? Is Corona-virus-map.com.exe a virus? This is because the website looks like a genuine interactive map of all the known cases of coronavirus infections around the world. It even mimics the genuine Covid-19 threat map designed by Johns Hopkins University. Aside from the map of the globe which highlights the countries where the virus has spread, you’ll also see the statistics on the latest number of deaths, infected, and recovered cases. The website actually looks legitimate and very convincing.

Aside from the website where the Corona-virus-map.com.exe is hosted, security experts have also discovered several email chains that include a link towards the malicious website. When the link is clicked by the user, the malicious Trojan is unknowingly triggered and downloads itself to the user’s computer.

Corona-virus-map.com.exe is an info-stealing Trojan that belongs to the AZORult banking Trojan family. This means that the malware is designed to steal the user’s browsing history, cookies, username and passwords, credit card information stored in users’ browser history, cryptocurrency, and other sensitive data. Corona-virus-map.com.exe can also download additional malicious apps onto the infected machines.

Based on the study done by the security expert who discovered the virus, researcher Shai Alfasi of Reason Labs, the malware was designed to look for various cryptocurrency wallets, including Electrum and Ethereum. The malware works by extracting data and creating a unique ID of the affected user’s workstation. It then applies XOR encryption by using the new user ID. That generated ID was created to start C2 communication to the C2 server. The C2 server eventually sends the configuration data containing target web browser names, API names, web browser path information, legitimate DLLs, and sqlite3 queries. The gathered data is sent to the malware’s author in the form of a PasswordList.txt file.

The Corona-virus-map.com.exe malware was also discovered being sold in the hacker’s underground market, with prices ranging from $200 t0 $700. The product description of the malware says:

It loads [a] fully working online map of Corona Virus infected areas and other data. Map is resizable, interactive, and has real time data from World Health Organization and other sources. Users will think that PreLoader is actually a map, so they will open it and will spread it to their friends and it goes viral!

For the Corona-virus-map.com.exe malware to work, the infected computer needs to have Java installed because the Corona map is Java-based. Even if you have the latest Java version installed, you won’t be able to avoid getting infected with the virus.

How to Remove the Corona-virus-map.com.exe From Your PC

The best way to detect the Corona-virus-map.com.exe malware on your computer is by using a robust anti-malware software. You can use it to detect whether your device has been infected by the Corona-virus-map.com.exe and other types of malware.

According to Virus Total, at least 60 security apps can recognize the Corona-virus-map.com.exe so it is not that difficult to detect. However, it comes in various names, including:

  • Trojan:Win32/Covitse!MSR
  • GenericKD.33504379
  • Trojan[PSW]/Win32.AZORult
  • Agent.Wacatac
  • Troj/MSIL-NZP
  • AzorUlt.CoronaMap
  • Malware@#1z88bc8nipk8n
  • Win32:Trojan-gen

Keep in mind that deleting the Corona-virus-map.com.exe manually may not be enough to totally remove it from your computer. As described above, the malware modifies the Windows registry, creates new scheduled tasks, and makes various changes all over your Windows system, making it hard for users to remove all of its component. If you suspect that your computer has been infected by the Corona-virus-map.com.exe, you need to delete it using our malware removal guide (insert malware rremoval guide here) below. Don’t forget to use a PC cleaner app to delete all infected files and prevent re-infection.

Download Outbyte AntivirusOutbyteIf you’re running into errors and your system is suspiciously slow, your computer needs some maintenance work. Download Outbyte PC Repair for Windows or Outbyte Antivirus for Windows to resolve common computer performance issues.Fix computer troubles by downloading the compatible tool for your device.See more information about Outbyte and uninstall instructions. Please review EULA and Privacy Policy.
Give us some love and rate our post!
[Total: 0 Average: 0]
Spread the love
Notify of
Inline Feedbacks
View all comments
Featured Stories
What Is MSVCR80.dll?
What Is agcutils.dll?
What Is cscui.dll?
How to Remove the Zupdater.exe Virus?
What is Intelmain.exe?
What Is SteadyVideo.dll?
What is an XLM File?
What is Winlog.exe?