msdtce.exe

MD5:
b1ee3effeef9aa51f46f83555293ac55

SHA-1:
4f1b41cd9166cea8eeba22a02bf6a55f1f409715

SHA-256:
62de799110b8d3170b0d1ce9c5e0e576ed4f6bbbfe340fdc9a5184be372fb1c5

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 3:24:41 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win64/BitCoinMiner.AL potentially unsafe application | 7.0.302.0
Kaspersky | not-a-virus:RiskTool.Win64.BitCoinMiner | 15.0.0.562
Sophos | PUA 'Bitcoin Miner' | 5.23

File size:
439.5 KB (450,048 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\x64\msdtce.exe

File PE Metadata
Compilation timestamp:
1/21/2014 9:19:10 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
6144:75QeFsglWguJ1QhiL4pP4L0JYTwDfC/dTL2pig/sVoMuqhtukWy/:NQ4suWgunQ44ZhpiGMuqDF/

Entry address:
0x2237C

Entry point:
48, 83, EC, 28, E8, EB, BB, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 83, EC, 10, 4C, 89, 14, 24, 4C, 89, 5C, 24, 08, 4D, 33, DB, 4C, 8D, 54, 24, 18, 4C, 2B, D0, 4D, 0F, 42, D3, 65, 4C, 8B, 1C, 25, 10, 00, 00, 00, 4D, 3B, D3, 73, 16, 66, 41, 81, E2, 00, F0, 4D, 8D, 9B, 00, F0, FF, FF, 41, C6, 03, 00, 4D, 3B, D3, 75, F0, 4C, 8B, 14, 24, 4C, 8B, 5C, 24, 08, 48, 83, C4, 10, C3, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00...
 

Entropy:
6.2238

Code size:
249.5 KB (255,488 bytes)
