SHA256: bba38f83d3129f169338841b930655084f2d042e15d01bf7efc0bdd193ab7910
File name: system.exe
Detection ratio: 25 / 48
Analysis date: 2013-10-07 15:45:44 UTC (4 years, 2 months ago)
Antivirus Result Update
Yandex RiskTool.BitCoinMiner!atPFhBEwxhI 20131007
AhnLab-V3 Trojan/Win32.BitMiner 20131007
AntiVir TR/RogueericKD.928832 20131007
Baidu-International RiskTool.Win32.BitCoinMiner.clf 20131007
BitDefender Trojan.GenericKD.928832 20131007
Commtouch W32/Trojan.FLII-3058 20131007
Comodo UnclassifiedMalware 20131007
DrWeb Tool.BtcMine.90 20131007
Emsisoft Trojan.GenericKD.928832 (B) 20131007
ESET-NOD32 a variant of Win32/BitCoinMiner.P 20131007
F-Secure Trojan.GenericKD.928832 20131007
Fortinet Riskware/BitCoinMiner 20131007
GData Trojan.GenericKD.928832 20131007
Ikarus not-a-virus:RiskTool.Win32.BitCoinMiner 20131007
Kaspersky not-a-virus:RiskTool.Win32.BitCoinMiner.clf 20131007
Malwarebytes PUP.BitCoinMiner 20131007
eScan Trojan.GenericKD.928832 20131007
NANO-Antivirus Riskware.Win32.BtcMine.borgbu 20131007
Panda HackTool/BitCoinMiner.A 20131007
PCTools Trojan.Coinbitminer 20131002
Sophos AV Bitcoin Miner 20131007
Symantec Trojan.Coinbitminer 20131007
TrendMicro TROJ_SPNR.14D113 20131007
TrendMicro-HouseCall TROJ_SPNR.14D113 20131007
VIPRE Trojan.Win32.Generic!BT 20131007
Antiy-AVL 20131007
Avast 20131007
AVG 20131007
Bkav 20131007
ByteHero 20130924
CAT-QuickHeal 20131007
ClamAV 20131007
F-Prot 20131007
Jiangmin 20130903
K7AntiVirus 20131007
K7GW 20131007
Kingsoft 20130829
McAfee 20131007
McAfee-GW-Edition 20131007
Microsoft 20131007
Norman 20131007
nProtect 20131007
Rising 20130930
SUPERAntiSpyware 20131007
TheHacker 20131004
TotalDefense 20131005
VBA32 20131007
ViRobot 20131007
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2011-2013 Ufasoft
Product xCoin Miner
Original name coin-miner.exe
Internal name coin-miner
File version 7.0.13037.0
Description coin-miner
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-03-23 23:02:51
Entry Point 0x000093B0
Number of sections 4
PE sections
PE imports
_adjust_fdiv
__lconv_init
?terminate@@YAXXZ
_exit
__p__commode
__setusermatherr
_purecall
__getmainargs
__dllonexit
_onexit
__set_app_type
atoi
exit
sprintf
__p__fmode
_initterm
_controlfp
__p___initenv
_EH_prolog
memcpy
_XcptFilter
?FindNonce@BitcoinSha256@Coin@@UAE_NAAI@Z
?GetCudaCode@BitcoinMiner@Coin@@UAE?AVString@Ext@@XZ
?SubmitResult@BitcoinMiner@Coin@@UAE_NAAPAVWebClient@Ext@@ABVBitcoinWorkData@2@@Z
?Stop@BitcoinMiner@Coin@@QAEXXZ
?GetWork@BitcoinMiner@Coin@@UAE?AVBitcoinWorkData@2@AAPAVWebClient@Ext@@@Z
?GetOpenclCode@BitcoinMiner@Coin@@UAE?AVString@Ext@@XZ
?InitDevices@BitcoinMiner@Coin@@QAEXAAV?$vector@VString@Ext@@V?$allocator@VString@Ext@@@ExtSTL@@@ExtSTL@@@Z
?GetCalIlCode@BitcoinMiner@Coin@@UAE?AVString@Ext@@_N@Z
?Start@BitcoinMiner@Coin@@QAEXPAVCThreadRef@Ext@@@Z
?GetWebClient@BitcoinMiner@Coin@@UAE?AVBitcoinWebClient@2@PAVWorkerThreadBase@2@@Z
??0BitcoinMiner@Coin@@QAE@XZ
?PrepareData@BitcoinSha256@Coin@@UAEXPBX00@Z
My_EH_prolog2
My__ehvec_copy_ctor
My_SEH_prolog
My_SEH_epilog
My_SEH_epilog4
My_SEH_prolog4
?Insert@CBinaryTree@Ext@@IAE?AU?$pair@Viterator@CBinaryTree@Ext@@_N@ExtSTL@@PBX@Z
__CxxFrameHandler3
My_except_handler4
My_except_handler3
_My__CxxSetUnhandledExceptionFilter@0
?Main@CConApp@Ext@@QAEHHQAPAD@Z
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 11.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.13037.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 15360
EntryPoint 0x93b0
OriginalFileName coin-miner.exe
MIMEType application/octet-stream
LegalCopyright Copyright (c) 2011-2013 Ufasoft
FileVersion 7.0.13037.0
URL http://ufasoft.com/coin
TimeStamp 2013:03:24 00:02:51+01:00
FileType Win32 EXE
PEType PE32
InternalName coin-miner
ProductVersion 0.5
FileDescription coin-miner
OSVersion 5.1
FileOS Win32
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Ufasoft
CodeSize 39424
ProductName xCoin Miner
ProductVersionNumber 0.50.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 b1cb4079e36a88a54ce06f63db5e83bb
SHA1 bd664046af5ace404760a354fa0b2505d67f5848
SHA256 bba38f83d3129f169338841b930655084f2d042e15d01bf7efc0bdd193ab7910
ssdeep 768:AKMfFBxjcYYmuTefXi/gFtmsdMQ2jx5tWgCDPIrtPzj9vol:xMvxIYYmHOwtmQMnOCPle
authentihash 4fc5ef58043936893373289b177e784b5751737ef96e0a3e8d530930284c3155
imphash 7cb9ea7a483e92d2b84d7e2501b9398c
File size 53.5 KB ( 54784 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe armadillo

VirusTotal metadata
First submission 2013-03-24 07:40:13 UTC (4 years, 8 months ago)
Last submission 2013-10-07 15:45:44 UTC (4 years, 2 months ago)
File names C__WINDOWS_system32_msh32.exe
system.exe
windxt.exe
coin-miner
B1CB4079E36A88A54CE06F63DB5E83BB.vir
coin-miner.exe
coin-miner.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana dll-injection
