desktopsearchservice.exe

The executable desktopsearchservice.exe has been detected as malware by 30 anti-virus scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power.
MD5:
36faa4a1d30b76396fa5422377b4fad9

SHA-1:
932ce0175380a523681012010d673ef9a05c7bc6

Scanner detections:
30 / 68

Status:
Malware

Explanation:
The program will mine for Bitcoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:
5/7/2024 5:30:29 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKDV.1093551 | 1017 |
| Agnitum Outpost | Trojan.CoinMiner | 7.1.1 |
| Avira AntiVirus | TR/Rogue.1093551 | 7.11.140.58 |
| avast! | Win32:BitCoinMiner-DZ [Trj] | 2014.9-140424 |
| AVG | Generic8_c | 2015.0.3495 |
| Baidu Antivirus | Trojan.Win32.CoinMiner | 4.0.3.14424 |
| Bitdefender | Trojan.GenericKDV.1093551 | 1.0.20.570 |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Comodo Security | UnclassifiedMalware | 18016 |
| Emsisoft Anti-Malware | Trojan.GenericKDV.1093551 | 8.14.04.24.05 |
| ESET NOD32 | Win32/CoinMiner.EC | 8.9613 |
| Fortinet FortiGate | W32/CoinMiner.EC | 4/24/2014 |
| F-Secure | Trojan.GenericKDV.1093551 | 11.2014-24-04_5 |
| G Data | Trojan.GenericKDV.1093551 | 14.4.24 |
| IKARUS anti.virus | Win32.Malware | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.176.11595 |
| Kaspersky | Trojan.Win32.Miner | 14.0.0.3969 |
| McAfee | Artemis!36FAA4A1D30B | 5600.7151 |
| Microsoft Security Essentials | Trojan:Win32/Deminnix.gen!A | 1.10401 |
| MicroWorld eScan | Trojan.GenericKDV.1093551 | 15.0.0.342 |
| Norman | Troj_Generic.MRTOP | 11.20140424 |
| nProtect | Trojan.GenericKDV.1093551 | 14.03.30.01 |
| Panda Antivirus | Trj/CI.A | 14.04.24.05 |
| Qihoo 360 Security | Win32/Trojan.5ff | 1.0.0.1015 |
| Quick Heal | Trojan.Deminnix | 4.14.12.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R0CBC0DIU13 | 7.2.114 |
| Trend Micro | TROJ_GEN.R0CBC0DIU13 | 10.465.24 |
| Vba32 AntiVirus | Trojan.Miner | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27854 |

File size:
1.6 MB (1,638,400 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Desktopsearchservice.exe

File PE Metadata
Compilation timestamp:
7/5/2013 2:34:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
24576:qo3O7aq37n8gtcH3EKk8M2vNncT6G7vbjhRBxypju4YlojnhA0Ayb0CC2HXxhwL7:qoa2ah+jywHO9CkTxzHyUpWsptfwan

Entry address:
0xF1000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 

Packer / compiler:
ASPack v1.08.04

Code size:
704 KB (720,896 bytes)
