rpcminer-opencl.exe

MD5:
5ce3621ea098aa8dcf2f0ecbfc08d0a6

SHA-1:
0f6754802d8c94be62f2641ccbab392b59004882

SHA-256:
e8f0379d2464dabf8f8b6a22f44ed0e17e48aceecd3fefaf89bdd86bfd899167

Scanner detections:
10 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
7/14/2025 4:59:24 AM UTC

Scan engine        Detection                                Engine version
Agnitum Outpost    RiskTool.BitCoinMiner                    7.1.1
Dr.Web             Tool.BtcMine.36                          9.0.1.0133
ESET NOD32         Win32/BitCoinMiner.BE (variant)          8.9566
IKARUS anti.virus  not-a-virus:RiskTool.Win32.BitCoinMiner  t3scan.2.2.29
K7 AntiVirus       Trojan                                   13.176.11510
Kaspersky          not-a-virus:RiskTool.Win32.BitCoinMiner  14.0.0.3871
Malwarebytes       Trojan.BitcoinMiner                      v2014.05.13.05
NANO AntiVirus     Riskware.Win32.BtcMine.bekvve            0.28.0.58491
Quick Heal         RiskTool.BitCoinMiner.cds (Not a Virus)  5.14.12.00
VIPRE Antivirus    RiskTool.Win32.BitCoinMiner              27570

File size:
236 KB (241,664 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
2/27/2011 3:51:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
6144:R2zzCheDh+OeO+OeN7VBBhhBBcNkLO0DWcu2cqROFVKu:szWhyh+OeO+OeNhBBhhBBcEz+

Entry address:
0x24F73

Entry point:
E8, BC, 02, 00, 00, E9, 9E, FD, FF, FF, CC, FF, 25, D8, 81, 42, 00, FF, 25, D4, 81, 42, 00, FF, 25, CC, 81, 42, 00, 68, E9, 4F, 42, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 28, 40, 43, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74...
 

Code size:
156 KB (159,744 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP:
Connects to ec2-54-172-129-105.compute-1.amazonaws.com  (54.172.129.105:8332)

TCP:
Connects to static.176.102.76.144.clients.your-server.de  (144.76.102.176:8332)

Scan rpcminer-opencl.exe - Powered by Reason Core Security