dgen.exe

The application dgen.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This file is typically installed with the program PC Data App by Adware.BitCoinMiner, which is a potentially unwanted software program. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use, consuming computing power in the process.
MD5:
d3bc929ff5bb65cef6aa0ba180d398e8

SHA-1:
847a757e4cd2b244e7a02cc6f17c1bab43db1e14

SHA-256:
84cbb590866b4e9f4fe20554eb674264c07b27865ead43cd7927bd279933884a

Scanner detections:
5 / 68

Status:
Potentially unwanted

Explanation:
The program will mine for Bitcoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:
3/15/2014 11:09:06 PM UTC  (nine months ago)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| Avira AntiVirus | TR/BitCoinMiner.Gen | 7.11.137.146 |
| avast! | Win32:Miner-B [PUP] | 2014.9-140315 |
| Baidu Antivirus | Trojan.Win64.BitCoinMiner | 4.0.3.14315 |
| ESET NOD32 | Win64/BitCoinMiner (variant) | 8.9555 |

File size:
390 KB (399,360 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\pcdata\dgen.exe

File PE Metadata
Compilation timestamp:
3/14/2014 3:34:38 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
2.22

CTPH (ssdeep):
12288:LXN2hjVmiZN2hjVmiBVmUNdEk989tturDIrsXnPwIM:Lt73Ek9258Pw

Entry address:
0x14E0

Entry point:
48, 83, EC, 28, C7, 05, 32, 20, 06, 00, 00, 00, 00, 00, E8, 2D, 02, 05, 00, E8, 88, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 53, 48, 83, EC, 20, 85, C9, 89, CB, 74, 28, FF, 15, 37, 41, 06, 00, 48, 8D, 0D, 08, CB, 05, 00, 4C, 8D, 48, 60, 41, B8, 34, 00, 00, 00, BA, 01, 00, 00, 00, E8, 6C, 95, 05, 00, 89, D9, E8, 45, 95, 05, 00, 48, 8D, 0D, 8B, D2, 05, 00, E8, 61, 95, 05, 00, EB, EB, 66, 66, 66, 66, 66, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00, 41, 54, 55, 57, 56, 53, 48, 81, EC, D0, 00, 00, 00, 83, F9, 6F...
 

Entropy:
6.5389

Code size:
361.5 KB (370,176 bytes)

The file dgen.exe has been discovered within the following program.

PC Data App by Adware.BitCoinMiner
The software is a Trojan Bitcoin miner that utilizes the open source CGMiner utility. The Trojan Bitcoin miner is an invasive multiple component malware infection. This is a potentially unwanted program that installs malware on the user's PC using the file start.
79% remove it
 

There are 2 known code variations that share the same compilation structure.

4 / 68      (PUP)
dgen.exe  (608458558f89eb03f355dedf95137e0a35001637)

9 / 68      (PUP)
dgen.exe  (54b3e2a9d498b6ded33fd444b1ef706cbf75abef)
