SHA256: bba38f83d3129f169338841b930655084f2d042e15d01bf7efc0bdd193ab7910
File name: system.exe
Detection ratio: 25 / 48
Analysis date: 2013-10-07 15:45:44 UTC (4 years, 7 months ago)
Antivirus Result Update
Yandex RiskTool.BitCoinMiner!atPFhBEwxhI 20131007
AhnLab-V3 Trojan/Win32.BitMiner 20131007
AntiVir TR/RogueericKD.928832 20131007
Baidu-International RiskTool.Win32.BitCoinMiner.clf 20131007
BitDefender Trojan.GenericKD.928832 20131007
Commtouch W32/Trojan.FLII-3058 20131007
Comodo UnclassifiedMalware 20131007
DrWeb Tool.BtcMine.90 20131007
Emsisoft Trojan.GenericKD.928832 (B) 20131007
ESET-NOD32 a variant of Win32/BitCoinMiner.P 20131007
F-Secure Trojan.GenericKD.928832 20131007
Fortinet Riskware/BitCoinMiner 20131007
GData Trojan.GenericKD.928832 20131007
Ikarus not-a-virus:RiskTool.Win32.BitCoinMiner 20131007
Kaspersky not-a-virus:RiskTool.Win32.BitCoinMiner.clf 20131007
Malwarebytes PUP.BitCoinMiner 20131007
eScan Trojan.GenericKD.928832 20131007
NANO-Antivirus Riskware.Win32.BtcMine.borgbu 20131007
Panda HackTool/BitCoinMiner.A 20131007
PCTools Trojan.Coinbitminer 20131002
Sophos AV Bitcoin Miner 20131007
Symantec Trojan.Coinbitminer 20131007
TrendMicro TROJ_SPNR.14D113 20131007
TrendMicro-HouseCall TROJ_SPNR.14D113 20131007
VIPRE Trojan.Win32.Generic!BT 20131007
Antiy-AVL 20131007
Avast 20131007
AVG 20131007
Bkav 20131007
ByteHero 20130924
CAT-QuickHeal 20131007
ClamAV 20131007
F-Prot 20131007
Jiangmin 20130903
K7AntiVirus 20131007
K7GW 20131007
Kingsoft 20130829
McAfee 20131007
McAfee-GW-Edition 20131007
Microsoft 20131007
Norman 20131007
nProtect 20131007
Rising 20130930
SUPERAntiSpyware 20131007
TheHacker 20131004
TotalDefense 20131005
VBA32 20131007
ViRobot 20131007
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2011-2013 Ufasoft

Product xCoin Miner
Original name coin-miner.exe
Internal name coin-miner
File version 7.0.13037.0
Description coin-miner
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-03-23 23:02:51
Entry Point 0x000093B0
Number of sections 4
PE sections
PE imports
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

InitializedDataSize
15360

ImageVersion
0.0

ProductName
xCoin Miner

FileVersionNumber
7.0.13037.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
exe

OriginalFileName
coin-miner.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
7.0.13037.0

URL
http://ufasoft.com/coin

TimeStamp
2013:03:24 00:02:51+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
coin-miner

ProductVersion
0.5

FileDescription
coin-miner

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright (c) 2011-2013 Ufasoft

MachineType
Intel 386 or later, and compatibles

CompanyName
Ufasoft

CodeSize
39424

FileSubtype
0

ProductVersionNumber
0.50.0.0

EntryPoint
0x93b0

ObjectFileType
Executable application

File identification
MD5 b1cb4079e36a88a54ce06f63db5e83bb
SHA1 bd664046af5ace404760a354fa0b2505d67f5848
SHA256 bba38f83d3129f169338841b930655084f2d042e15d01bf7efc0bdd193ab7910
ssdeep
768:AKMfFBxjcYYmuTefXi/gFtmsdMQ2jx5tWgCDPIrtPzj9vol:xMvxIYYmHOwtmQMnOCPle

authentihash 4fc5ef58043936893373289b177e784b5751737ef96e0a3e8d530930284c3155
imphash 7cb9ea7a483e92d2b84d7e2501b9398c
File size 53.5 KB ( 54784 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2013-03-24 07:40:13 UTC (5 years, 2 months ago)
Last submission 2013-10-07 15:45:44 UTC (4 years, 7 months ago)
File names C__WINDOWS_system32_msh32.exe
system.exe
windxt.exe
coin-miner
B1CB4079E36A88A54CE06F63DB5E83BB.vir
coin-miner.exe
coin-miner.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection
