dgen.exe

The application dgen.exe has been detected as a potentially unwanted program by 9 anti-malware scanners. This file is typically installed with the program PC Data App by Adware.BitCoinMiner, which is a potentially unwanted software program. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use, and it consumes computing power. While running, it connects to the Internet address sg02-37.ssv4.net on port 6003.

MD5: c4842c975dbe9c323c6cab1ad5060cdb

SHA-1: 54b3e2a9d498b6ded33fd444b1ef706cbf75abef

SHA-256: 31da53af35f910f8f452da991cbb0e5190f1df5363adb223012a646dbbf1c5a8

Scanner detections: 9 / 68

Status: Potentially unwanted

Explanation: The program will mine for BitCoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date: 4/26/2024 12:02:37 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/BitCoinMiner.Gen | 7.11.146.238 |
| avast! | Win32:Miner-B [PUP] | 2014.9-140505 |
| Baidu Antivirus | Trojan.Win64.BitCoinMiner | 4.0.3.1455 |
| Bkav FE | W32.BitcoinMinerP.Trojan | 1.3.0.4959 |
| Dr.Web | Trojan.BtcMine.364 | 9.0.1.0125 |
| ESET NOD32 | Win64/BitCoinMiner (variant) | 8.9753 |
| Kaspersky | not-a-virus:RiskTool.Win64.BitCoinMiner | 14.0.0.3914 |
| Qihoo 360 Security | Win32/Virus.RiskTool.3f3 | 1.0.0.1015 |
| Sophos | CpuMiner | 4.98 |

File size: 390 KB (399,360 bytes)

File type: Executable application (Win64 EXE)

Common path: C:\Program Files\pcdapp\dgen.exe

File PE Metadata

Compilation timestamp: 5/1/2014 8:14:04 PM

OS version: 4.0

OS bitness: Win64

Subsystem: Windows Console

Linker version: 2.22

CTPH (ssdeep): 12288:tHPN2hjVmiZN2hjVmiBVmUNdEk989tturDIrsX5PwIM:tH173Ek925OPw

Entry address: 0x14E0

Entry point: 48, 83, EC, 28, C7, 05, 32, 20, 06, 00, 00, 00, 00, 00, E8, 2D, 02, 05, 00, E8, 88, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 53, 48, 83, EC, 20, 85, C9, 89, CB, 74, 28, FF, 15, 37, 41, 06, 00, 48, 8D, 0D, 08, CB, 05, 00, 4C, 8D, 48, 60, 41, B8, 34, 00, 00, 00, BA, 01, 00, 00, 00, E8, 6C, 95, 05, 00, 89, D9, E8, 45, 95, 05, 00, 48, 8D, 0D, 9B, D2, 05, 00, E8, 61, 95, 05, 00, EB, EB, 66, 66, 66, 66, 66, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00, 41, 54, 55, 57, 56, 53, 48, 81, EC, D0, 00, 00, 00, 83, F9, 6F...

Entropy: 6.5390

Code size: 361.5 KB (370,176 bytes)

The file dgen.exe has been discovered within the following program.

PC Data App  by Adware.BitCoinMiner
The software is a Trojan Bitcoin miner that utilizes the open source CGMiner utility. The Trojan Bitcoin miner is an invasive multiple component malware infection. This is a potentially unwanted program that installs malware on the user's PC using the file start.
79% remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP:
Connects to sg02-37.ssv4.net  (128.199.251.166:6003)
