asfgwesdasfwea.exe

The executable asfgwesdasfwea.exe has been detected as malware by 35 anti-virus scanners. It is a setup program used to install the application, and it is a malicious Bitcoin miner. Bitcoin-mining malware forces computers to generate Bitcoins for cybercriminals' use, consuming computing power in the process. The file has been seen being downloaded from www.weebly.com.
MD5:
baa1555b4d7878ca84962519947ad0c3

SHA-1:
9c701d740f36e50b21e217e9956d15016df432db

SHA-256:
ca7af588ecc17eef6e7328ee65cb45727d92ee109e788f780b3b7988bb228418

Scanner detections:
35 / 68

Status:
Malware

Explanation:
The program will mine for Bitcoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:
4/24/2024 4:13:36 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.11431155 | 524 |
| AhnLab V3 Security | Trojan/Win32.CoinMiner | 2015.08.28 |
| Avira AntiVirus | RKIT/14467.A | 8.3.2.2 |
| Arcabit | Trojan.Generic.DAE6CF3 | 1.0.0.425 |
| avast! | Win32:BitCoinMiner-IA [Trj] | 2014.9-150829 |
| AVG | Generic_r | 2016.0.3002 |
| Baidu Antivirus | Trojan.Win64.CoinMiner | 4.0.3.15829 |
| Bitdefender | Trojan.Generic.11431155 | 1.0.20.1205 |
| Bkav FE | W32.HfsAtIST | 1.3.0.7133 |
| Comodo Security | TrojWare.Win64.CoinMiner.~J | 23099 |
| Dr.Web | Trojan.Click3.8117 | 9.0.1.0241 |
| Emsisoft Anti-Malware | Trojan.Generic.11431155 | 8.15.08.29.10 |
| ESET NOD32 | Win64/CoinMiner | 9.12162 |
| Fortinet FortiGate | W64/Agent.FK!tr | 8/29/2015 |
| F-Secure | Trojan.Generic.11431155 | 11.2015-29-08_7 |
| G Data | Trojan.Generic.11431155 | 15.8.25 |
| IKARUS anti.virus | Trojan.Win64.Agent | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.2017031 |
| Kaspersky | Trojan.Win32.BitMin | 14.0.0.1505 |
| Malwarebytes | Trojan.Dropper | v2015.08.29.10 |
| McAfee | GenericR-CVX!BAA1555B4D78 | 5600.6658 |
| MicroWorld eScan | Trojan.Generic.11431155 | 16.0.0.723 |
| NANO AntiVirus | Trojan.Win32.Click3.dbykpj | 0.30.24.3283 |
| nProtect | Trojan.Generic.11431155 | 15.08.27.01 |
| Panda Antivirus | Trj/Chgt.D | 15.08.29.10 |
| Qihoo 360 Security | HEUR/Malware.QVM10.Gen | 1.0.0.1015 |
| Quick Heal | Trojan.BitMin.g5 | 8.15.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.17001999!385882521[F1] | 23.00.65.15827 |
| Sophos | Mal/Miner-C | 4.98 |
| Total Defense | Win32/BitcoinMiner.cFBWVSD | 37.1.62.1 |
| Trend Micro House Call | TROJ_COINMINER.M | 7.2.241 |
| Trend Micro | TROJ_COINMINER.M | 10.465.29 |
| Vba32 AntiVirus | Trojan.BitMin | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 43258 |
| ViRobot | Trojan.Win32.A.Adond.2451968[h] | 2014.3.20.0 |

File size:
2.3 MB (2,451,968 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\appdata\roaming\asfgwesdasfwea.exe

File PE Metadata
Compilation timestamp:
7/3/2014 5:47:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:Ekwkn9IMHea6EcmajDT+P+j9DBeeL/t54PvlGK/BGxOv1lU43i3/aPCS:vdnV/9HmtB//t54sK/BGxkI3CPC

Entry address:
0x26BF7

Entry point:
E8, 97, CF, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 70, A3, 4B, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03...

Entropy:
7.7105  (probably packed)

Code size:
560 KB (573,440 bytes)

The file asfgwesdasfwea.exe has been seen being distributed by the following URL.
