-
Notifications
You must be signed in to change notification settings - Fork 161
Home
Welcome to the SilentXMRMiner wiki!
Here I will write explanations for all the features and give examples on how to use them, you can also find information inside the miner builder by hovering the '?' next to the featuores. I will also strive to answer the most frequently asked questions so that there is fast and easy access to information otherwise usually gained by experience.
I will write everything on a single page instead of multiple pages for a more portable navigation experience. As always you can utilize tools such as CTRL+F or the sidebar navigation menu to quickly try and find the information you're looking for.
Since I mostly use and recommend Nanopool due to the fact that they do not seem to ban you for having many miners directly mining to their pool I will use their pool in most of my examples but any other pool will also work. If you use 'Remote Configuration' then you're really free to use any pool since if you do get banned then you can just change the configuration for all the miners to another pool.
| Navigation Menu |
|---|
|
Miner Features |
|
FAQ |
This should be the address and the port to the pool you use, the address and port should be in the format POOL_DOMAIN:PORT. Some pools support and have different ports depending on if you are planning to use SSL/TLS or just the normal stratum protocol. If you do go with the SSL/TLS port you should enable 'SSL/TLS' on the 'Mining tab', for the normal stratum port you do not have to change anything except keep 'SSL/TLS' off.
For Nanopool just use one of their many regional domains and then either the SSL/TLS port or the normal one, for example: xmr-eu1.nanopool.org:14433 (with SSL/TLS enabled).
Some pools like Nanopool only use the wallet address and directly sends you the mined amount once you reach the required minimum withdrawal while some pools use a username or email instead of a wallet address and then leaves you to set up everything while logged in to their site.
For wallets, any here will work: https://www.getmonero.org/downloads/, of course the GUI Wallet is the recommended one but you do have to download the whole (or most of the) node (blockchain) so if you want a light wallet without much hassle and if you're either inexperienced or do not have the space or time then use something like https://mymonero.com/.
For Nanopool, worker name and email (if you wish to change the minimum payout, though this should probably be done in a temporary separate build) should also be entered in the wallet address field in the format YOUR_XMR_ADDRESS.YOUR_WORKER/YOUR_EMAIL. Both worker name and email are not required and purely optional.
The miner also supports dynamic worker names by using either {RANDOM} to generate a new random worker name every run, {USERNAME} to use the users username or {COMPUTERNAME} to use the computers name as the worker name. Keep in mind though that most pools usually have a limit of between 50-100 worker names so do not use this feature if you plan to mine directly to a pool and have many miners though nanopool does not seem to have a limit at the moment.
Some pools like Nanopool do not require any password at all but some use this field for a worker name like MoneroOcean, MineXMR and SupportXMR.
Choose the algorithm to mine with, the cryptocurrencies listed for each algorithm is just an example, that same option will work for any other cryptocurrency that uses the same algorithm. A lot of pools also sets the algorithm automatically. You can see a list of the algorithms
List of algorithms
| Algorithm | Example Cryptocurrency |
|---|---|
| rx/0 | Monero |
| argon2/chukwa | 2ACoin |
| rx/arq | ArQmA |
| cn-heavy/xhv | Haven, Blockcloud |
| cn/ccx | Conceal |
| astrobwt | Dero |
| cn/fast | Electronero, ElectroneroXP |
| cn/rwz | Graft |
| rx/keva | Kevacoin |
| cn-pico | Kryptokrona |
| cn/half | Masari |
| argon2/ninja | NinjaCoin |
| kawpow | Ravencoin |
| rx/sfx | Safex |
| cn/r | Sumokoin |
| cn-pico/tlo | Talleo |
| argon2/chukwav2 | Turtlecoin |
| cn/upx2 | Uplexa |
| rx/wow | Wownero |
| cn/zls | |
| cn/double | |
| cn/2 | |
| cn/xao | |
| cn/rto | |
| cn-heavy/tube | |
| cn-heavy/0 | |
| cn/1 | |
| cn-lite/1 | |
| cn-lite/0 | |
| cn/0 |
The 'Startup' option means that the miner will add itself to the startup flow of Windows so that the miner starts up with Windows. If the miner is run with administrator privileges it should add itself into the Task Scheduler and if run with normal user privileges it should add itself into the registry at HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
The path which the miner will copy itself to and add into the startup.
The name the miner will use when in the 'Save Path'.
The Watchdog will run as a separate process called 'sihost64.exe' and will constantly check if the miner is running and correctly placed in the 'Save Path' folder. If the miner is not running and the file is there it will just start it. If the miner is running and the file is not there it will copy the file and start the miner (but won't inject if it's already injected). And finally if both the miner isn't running and the file is gone it will copy the file there and start the miner.
This is pretty self explanatory and won't require much explanation, the assembly information will be used by Windows when displaying the miner in different places and can also be seen when right-clicking the miner and checking it properties.
Another pretty self explanatory one, will just apply the Icon chosen to the built miner.
Whether to enable CPU mining or not, this should practically always be enabled.
Since the Monero algorithm change to RandomX GPU mining hasn't been very profitable so due to this and the greatly increased file size and detections that it causes it's not recommended to use GPU mining. For GPU mining it is better to use something like my Silent ETH Miner that mines Ethereum, both the XMR and ETH miner can run at the same time without any issues.
This will cause the miner to mine using the normal 'Max CPU' options amount of CPU while the computer is in use. The miner checks if the computer is active with a Windows API call that returns the time since the keyboard or mouse has last been touched and if that time is below the required 'Idle Wait' time then it will use the normal 'Max CPU' options amount of CPU. If the time has been longer than the 'Idle Wait' time then it will switch over to using the amount of CPU specified in the 'Idle CPU' field.
The 'SSL/TLS' option should be enabled if you mine to a SSL/TLS port on the pool, on Nanopool this is the port 14433.
Enable this if you plan on mining to either Nicehash or your own xmrig-proxy.
This option will cause the miner to pause while either Task Manager, Process Explorer or Process Hacker is active to avoid detection. This option is usually recommended for real builds.
As explained in the 'Idle Mining' section this option specifies how much CPU the miner should use, the miner will use the percentage specified amount of cores that the CPU has available, if you choose 10% and the CPU has 8 cores it will use 1 core (12,5% CPU) but if the CPU only has 2 cores then 10% will of course still use 1 core (50% CPU).
As both explained in the 'Idle Mining' section and the above 'Max CPU' section this option specifies how much CPU to use when the miner is considered Idle.
This as well was explained in the 'Idle Mining' section but it's essentially the time it will wait since either the keyboard or mouse has been touched until it enabled Idle mode.
This field allows you to choose which process the miner file will inject itself into to hide from both the user and the antivirus. All of them work equally well although some processes like svchost.exe will often warn the user if they try and kill it.
This form is located inside the 'Mining' tab by clicking the 'Advanced Options' button. These options can require a bit more technical experience or knowledge to use.
The 'Pause for Obfuscation' option is there to allow you to be able to Obfuscate or otherwise modify the Watchdog payload or Miner payload before they get embedded into their respective loaders. When this option is enabled the compilation of the full miner when you build it will pause until you close the message box that pops up when at that step. While the builder is paused you can find the Watchdog payload, Miner payload, or any of the loader files inside the same folder as where you're building the complete miner to, you can then modify the file (by Obfuscator or anything else) and replace the old unobfuscated file and then continue the compilation and it will embed the modified Watchdog payload and Miner payload into the complete miner.
Will make the miner ask for administrator privileges when it's started. This is required for the 'Bypass Windows Defender' feature since it does modifications which are only allowed to be done by administrators. Running the miner as administrator will also increase the hashrate.
Will try to add exclusions to general folders used by the miner and watchdog before they are extracted and run. This is especially good to bypass future detections. Don't put 'Start Delay' at anything lower than 5 seconds while using this to ensure that no files are deleted before they can be run. This option requires Administrator privileges.
Will try to install the miner to System32, if unsuccessful it will try to install to the path chosen in the "Startup" tab. It's recommended to enable this when using 'Run as Administrator' since it legitimizes the miner file more. This option requires Administrator privileges.
Will convert the miner installer/injector, watchdog and installer into shellcode and use a native C program to load/inject it. Will greatly decrease detections.
Will constantly search for and kill any programs entered into the "Kill Targets" field.
The programs that the "Stealth" option should check for. Separate the programs with a comma (,) just like the default entry. Windows does have a 8191 character limit in the command line arguments so any big collections of programs should probably be entered with the "Remote Configuration" feature. You can find some games to add into "Stealth Targets" here: https://github.com/UnamSanctam/SilentETHMiner/issues/122 if you want the miner to pause while they are running. Default: Taskmgr.exe,ProcessHacker.exe,perfmon.exe,procexp.exe,procexp64.exe
The programs that the "Process Killer" option should check for. Separate the programs with a comma (,). Example: program1.exe,program2.exe,program3.exe Windows does have a 8191 character limit in the command line arguments so any big collections of programs should probably be entered with the "Remote Configuration" feature.
This option will enable error messages when running the miner. Don't enable this when building your real miner you plan to use.
Enabling this and entering a URL that contains a correct configuration will make the miner use these settings as the main settings to connect to. The settings you entered into the builder will be used as failover/backup settings incase the settings in the URL don't work. The URL entered should only contain the settings and nothing else, for pastebin this would be the 'raw' page, you can find a working example here: https://rentry.co/39ofx/raw or here: https://pastebin.com/raw/mpRWix6f. You can also enter multiple failover URLs separated by a comma (,) for the miner to use the other URLs in case the former URLs are unreachable or incorrect.
The format the configuration should be in is as follows:
{
"algo": "rx/0",
"pool": "xmr-eu2.nanopool.org",
"port": 14433,
"wallet": "8BbApiMBHsPVKkLEP4rVbST6CnSb3LW2gXygngCi5MGiBuwAFh6bFEzT3UTufiCehFK7fNvAjs5Tv6BKYa6w8hwaSjnsg2N",
"password": "",
"rig-id": "",
"keepalive": false,
"nicehash": false,
"ssltls": true
}
Or you can also change the miner settings if you want to
{
"algo": "rx/0",
"pool": "xmr-eu2.nanopool.org",
"port": 14433,
"wallet": "8BbApiMBHsPVKkLEP4rVbST6CnSb3LW2gXygngCi5MGiBuwAFh6bFEzT3UTufiCehFK7fNvAjs5Tv6BKYa6w8hwaSjnsg2N",
"password": "",
"rig-id": "",
"keepalive": false,
"nicehash": false,
"ssltls": true,
"max-cpu": 10,
"idle-wait": 1,
"idle-cpu": 50,
"stealth": true,
"stealth-targets": "Taskmgr.exe,ProcessHacker.exe,perfmon.exe,procexp.exe,procexp64.exe",
"process-killer": true,
"kill-targets": "program1.exe,program2.exe,program3.exe"
}
You can replace the above settings with your own settings (algo/pool/port/etc.) and upload it to something like rentry or pastebin, after that you can get the 'raw' version but pressing the corresponding button in the menu and then copy that URL into the 'Remote Configuration' field.
The old INI configurations of the older miner versions still work but is not recommended to use anymore.
The 'Advanced Parameters' field is the command line options which the miner will use when running, this should only be changed if you know what you're doing. If you plan to mine any other coin with the algorithms supported you should change that here, all the supported algorithms can be found here: https://xmrig.com/docs/algorithms
The amount of time for the miner to wait until it injects, this avoids some runtime scans that check the miners behavior after being started since it won't do anything while it's being analyzed. Don't put 'Start Delay' at anything lower than 5 seconds while using 'Bypass Windows Defender' to ensure that no files are deleted before they can be run.
Since the Monero algorithm change to RandomX GPU mining hasn't been very profitable, due to this and the greatly increased file size and detections that it causes it's not recommended to use GPU mining when mining Monero. For GPU mining it is better to use something like my Silent ETH Miner that mines Ethereum, both the XMR and ETH miner can run at the same time without any issues.
The easiest way is to run the miner without 'Stealth' enabled and check the Task Manager to see if it's using any CPU. Keep in mind that it won't use any CPU if you do not have any cores or memory available so if you are running it in a VM with for example 1 CPU core and 2 GB of RAM it won't be able to allocate anything and thus will not use any CPU.
You can try my downloader: https://github.com/UnamSanctam/UnamDownloader, which contains it's own "Bypass Windows Defender" and usually has less detections then the miner so downloading the miner through that program can bring down the detections since it will add exclusions before the miner is downloaded and executed.
Enable 'Pause for Obfuscation' to also obfuscate the actual miner, read more here: https://github.com/UnamSanctam/SilentXMRMiner/wiki#pause-for-obfuscation
Since the miner already contains an injector (RunPE, process hollowing) the only real thing that is required is a .NET Obfuscator, you can find a list here: https://github.com/NotPrab/.NET-Obfuscator. There are a lot of obfuscators, both free and paid but the best ones are usually the paid ones but can be quite hard to get and you won't know how good they are until you've already bought it. A free obfuscator I usually link is https://github.com/mkaring/ConfuserEx, if you don't want to set up everything yourself you should be able to load this project this project https://anonfiles.com/7ae3Mb1fu9/SilentXMRMiner8_crproj and obfuscate the loaders with it.
You can run MINERNAME-uninstaller.exe in the same folder as the miner and it should kill and remove everything automatically.
But if you need to do it manually then if you enabled 'Startup' then first kill the process called 'sihost64.exe' or the conhost.exe process with /sihost64 as an argument (if you enabled 'Watchdog' as well) and then kill the miner (the process you chose to inject into, by default explorer.exe). After this, depending on if you ran it as administrator or not go to the registry path "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" with regedit and see if there's an entry for your miner there, if there is then delete it. If you cannot find the miner entry in the registry then open the Task Scheduler and select the library (the first item in the selection in the left box) and then look for an entry with the miner name in the right box where some entries will appear, if you find it then right-click and remove it. After this the miner won't be able to start since you've removed both the startup and the Watchdog.
If you didn't enable 'Startup' then you can just kill the miner process (the process you chose to inject into, by default explorer.exe) and it will be removed.
Yes, they are designed to be able to work together as long as you don't mine with 'GPU Mining' in the XMR miner since then they would interfere with each other. You can build both miners and then use a file binder to combine them into a single file as well if you want them as a single file. Or you can use my downloader: https://github.com/UnamSanctam/UnamDownloader which usually has less detections than a file binder.
Yes, if you create a miner with the same 'Startup' settings ('Save Path' and 'Filename') and 'Inject Into' setting then it will overwrite the miner on the computer with the new one when you run it. Since it won't close down the current running miner it will start the new one if the old one is closed down or if the computer is restarted.