SHA256: 174573464aaadb662673b66bc18f3e511bfa4af6de61a3168dfef97a3d1f2af6
File name: MFCoin-qt.exe
Detection ratio: 32 / 65
Analysis date: 2017-10-28 20:36:15 UTC (1 year, 5 months ago)
Antivirus Result Update date
AegisLab Ml.Attribute.Gen!c 20171028
Antiy-AVL Trojan/Win32.IRCbot 20171028
Avira (no cloud) TR/BitCoinMiner.olrti 20171028
AVware Backdoor.IRCBot 20171028
CAT-QuickHeal Trojan.IGENERIC 20171028
Comodo UnclassifiedMalware 20171028
Cyren W32/Trojan.PATM-1222 20171028
Endgame malicious (high confidence) 20171024
ESET-NOD32 a variant of Win32/BitCoinMiner.BJ potentially unsafe 20171028
Fortinet Riskware/BitCoinMiner 20171028
GData Win32.Trojan.Agent.N214DP 20171028
Ikarus Trojan.Win32.IRCBot 20171028
Sophos ML heuristic 20170914
K7AntiVirus Unwanted-Program ( 004baab71 ) 20171027
K7GW Unwanted-Program ( 004baab71 ) 20171028
Kaspersky HEUR:Trojan.Win32.Generic 20171028
McAfee Artemis!B308E42E9453 20171028
McAfee-GW-Edition Artemis 20171028
NANO-Antivirus Trojan.Win32.IRCbot.erpbww 20171028
nProtect Trojan/W32.IRCBot.20379648 20171028
Palo Alto Networks (Known Signatures) generic.ml 20171028
Panda Trj/GdSda.A 20171028
SentinelOne (Static ML) static engine - malicious 20171019
Sophos AV Bitcoin Miner (PUA) 20171028
Symantec Trojan.Gen.2 20171027
Tencent Win32.Trojan.Ircbot.Pboq 20171028
TrendMicro TROJ_GEN.R00GC0OHB17 20171028
TrendMicro-HouseCall TROJ_GEN.R00GC0OHB17 20171028
VIPRE Backdoor.IRCBot 20171028
Yandex Trojan.IRCbot!wCdX51C+4Ls 20171027
Zillya Trojan.IRCBot.Win32.10327 20171027
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20171028
Ad-Aware 20171028
AhnLab-V3 20171028
Alibaba 20170911
ALYac 20171028
Arcabit 20171028
Avast 20171028
Avast-Mobile 20171028
AVG 20171028
Baidu 20171027
BitDefender 20171028
Bkav 20171028
ClamAV 20171028
CMC 20171028
CrowdStrike Falcon (ML) 20171016
Cybereason 20170628
Cylance 20171028
eGambit 20171028
Emsisoft 20171028
F-Prot 20171028
F-Secure 20171028
Jiangmin 20171028
Kingsoft 20171028
Malwarebytes 20171028
MAX 20171028
Microsoft 20171028
eScan 20171028
Qihoo-360 20171028
SUPERAntiSpyware 20171028
Symantec Mobile Insight 20171027
TheHacker 20171028
Trustlook 20171028
VBA32 20171027
ViRobot 20171028
Webroot 20171028
WhiteArmor 20171024
Zoner 20171028
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2009-2016 The Bitcoin developers 2011-2016 The MFCoin developers

Product MFCoin-Qt
Original name MFCoin-qt.exe
Internal name MFCoin-qt
File version 1.0.0.1
Description MFCoin-Qt (OSS GUI client for MFCoin)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-03 02:46:19
Entry Point 0x00001284
Number of sections 9
PE sections
PE imports
Number of PE resources by type
RT_ICON 12
RT_GROUP_ICON 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 15
PE resources
ExifTool file metadata
UninitializedDataSize
32768

InitializedDataSize
20378624

ImageVersion
1.0

ProductName
MFCoin-Qt

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Large address aware, 32-bit, No debug

CharacterSet
Windows, Latin1

LinkerVersion
2.22

FileTypeExtension
exe

OriginalFileName
MFCoin-qt.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.1

LegalTrademarks1
Distributed under the MIT/X11 software license, see the accompanying file COPYING or http://www.opensource.org/licenses/mit-license.php.

TimeStamp
2017:08:03 04:46:19+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
MFCoin-qt

SubsystemVersion
4.0

ProductVersion
1.0.0.1

FileDescription
MFCoin-Qt (OSS GUI client for MFCoin)

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
2009-2016 The Bitcoin developers 2011-2016 The MFCoin developers

MachineType
Intel 386 or later, and compatibles

CompanyName
MFCoin

CodeSize
13161472

FileSubtype
0

ProductVersionNumber
1.0.0.1

EntryPoint
0x1284

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 b308e42e94537db0269a318c2ba3d44f
SHA1 8aa0420407c8b95bdc9dff33e67f3ce6a7e37a61
SHA256 174573464aaadb662673b66bc18f3e511bfa4af6de61a3168dfef97a3d1f2af6
ssdeep
196608:jEq26LN5kVCfBgro2Q45Kat7oihXstLJieyNSg8+v41W0q/Jvh/wXSQBOmvzZChT:f7PSLn/F31nKDfiK8QJsv6tWKFdu9C

authentihash f648eed90a0eca990bdbd24f4a1d8bd737e43f9bac1147e21a656ddcef958566
imphash c77e2f3e5fcc57844027478641852be5
File size 19.4 MB ( 20379648 bytes )
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (38.5%)
Win32 EXE PECompact compressed (generic) (37.2%)
Microsoft Visual C++ compiled executable (generic) (14.7%)
Win32 Executable (generic) (4.0%)
OS/2 Executable (generic) (1.8%)
Tags
peexe irc

VirusTotal metadata
First submission 2017-08-03 03:21:26 UTC (1 year, 8 months ago)
Last submission 2019-03-19 00:26:30 UTC (1 month ago)
File names mfcoin-qt.exe
MFCoin-qt.exe
MFCoin-qt
output.118390612.txt
MFCoin-qt.exe.infected
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.
HTTP requests
DNS requests
TCP connections
UDP communications