home

geocoin-qt.exe

GeoCoin-Qt

GeoCoin

The executable geocoin-qt.exe, “GeoCoin-Qt (OSS GUI client for GeoCoin)” has been detected as malware by 8 anti-virus scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power.
Publisher:
GeoCoin

Product:
GeoCoin-Qt

Description:
GeoCoin-Qt (OSS GUI client for GeoCoin)

Version:
0.8.7.0

MD5:
586656142a2e95dd1efdd9342fa24146

SHA-1:
6405096c45f1530d8b4c55cf57d9a932bd173813

SHA-256:
8f3d7e8981036c907280f695d78ed18c1be3a91cd222b7892c540ee523ab30ce

Scanner detections:
8 / 68

Status:
Malware

Explanation:
The program will mine for BitCoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:
4/25/2024 7:07:38 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/BitCoinMiner.21694464
7.11.205.68

ESET NOD32
Win32/BitCoinMiner.BJ (variant)
9.11075

Fortinet FortiGate
Riskware/BitCoinMiner
1/28/2015

IKARUS anti.virus
Trojan.BitCoinMiner
t3scan.1.8.6.0

Kaspersky
Trojan.Win32.IRCbot
14.0.0.2573

McAfee
Artemis!586656142A2E
5600.6872

Qihoo 360 Security
Win32/Trojan.d75
1.0.0.1015

Trend Micro House Call
TROJ_GEN.R047H07AQ15
7.2.28

File size:
20.7 MB (21,694,464 bytes)

Product version:
0.8.7.0

Copyright:
2009-2014 The Bitcoin developers 2011-2014 The GeoCoin developers

Original file name:
geocoin-qt.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
5/9/1975 11:59:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.24

CTPH (ssdeep):
393216:vR1Koc3OEcxr/f4iCih5a3ffOWQoml/SdwJnERiFVrOrYCMv0LZs29JgcR7IWv9v:vRIzyf4iCih5a3ffOWQomcdwJnERiFVc

Entry address:
0x14C0

Entry point:
83, EC, 0C, C7, 05, 28, F6, 8A, 01, 01, 00, 00, 00, E8, AE, C6, 13, 00, 83, C4, 0C, E9, A6, FC, FF, FF, 8D, B6, 00, 00, 00, 00, 83, EC, 0C, C7, 05, 28, F6, 8A, 01, 00, 00, 00, 00, E8, 8E, C6, 13, 00, 83, C4, 0C, E9, 86, FC, FF, FF, 90, 90, 90, 90, 90, 90, 55, 89, E5, 56, 53, 83, EC, 10, 8B, 1D, 6C, 7D, 8B, 01, C7, 04, 24, 00, 30, 1A, 01, FF, D3, 89, C6, 83, EC, 04, 85, F6, B8, 00, EE, F1, 00, 74, 29, C7, 04, 24, 00, 30, 1A, 01, FF, 15, 14, 7E, 8B, 01, 83, EC, 04, A3, 38, E0, 8A, 01, C7, 44, 24, 04, 13, 30...
 
[+]

Entropy:
6.6143

Code size:
13.6 MB (14,212,608 bytes)

Remove geocoin-qt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.