bitcoinstub.exe

The executable bitcoinstub.exe has been detected as malware by 9 anti-virus scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use, consuming computing power in the process.
MD5:
cbb1668076327360381f22c72114bf65

SHA-1:
228c5406f42396bd0b89ab75be2d86ab86654c4a

Scanner detections:
9 / 68

Status:
Malware

Explanation:
The program mines for Bitcoins in the background using the computer's GPU, and may be installed and run without the user's knowledge.

Analysis date:
4/26/2024 4:49:09 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Baidu Antivirus | Trojan.Win32.BitCoinMiner | 4.0.3.14725 |
| Comodo Security | UnclassifiedMalware | 18472 |
| Dr.Web | Tool.BtcMine.60 | 9.0.1.0206 |
| ESET NOD32 | Win32/BitCoinMiner (variant) | 8.9910 |
| Fortinet FortiGate | W32/BitCoinMiner.I | 7/25/2014 |
| McAfee | Artemis!CBB166807632 | 5600.7059 |
| Norman | Suspicious_Gen2.VIVTO | 11.20140725 |
| Panda Antivirus | Trj/Dropper.JUW | 14.07.25.08 |
| VIPRE Antivirus | Trojan.Win32.Generic | 30066 |

File size:
153.5 KB (157,184 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\bitcoinstub.exe

File PE Metadata
Compilation timestamp:
9/12/2012 12:35:57 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
1536:iAv9irkRB9ckqHXUcDi8NW38qLPk273b+awyn/7TXT7e36eQbzfEMnS/HJPNbmam:RFFL9cW8SPx73b+aZvW367ff0lNyYb

Entry address:
0xBABC

Entry point:
E8, D9, 7D, 00, 00, E9, 95, FE, FF, FF, FF, 35, 58, 6D, 42, 00, FF, 15, 7C, E0, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 67, 42, 00, 00, 6A, 01, 6A, 00, E8, 8A, 24, 00, 00, 83, C4, 0C, E9, 4F, 24, 00, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 20, 48, 42, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 20...
 

Code size:
113.5 KB (116,224 bytes)
