home

WindowsApplication1.exe

WindowsApplication1

The application WindowsApplication1.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power.
Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
18274e0eebbfb5485272a4afd5b8b375

SHA-1:
421b4e1b890eded7633a41c58cf9664aedf988d3

SHA-256:
faeb09fb8f3e4a637c073faeed4fedea7f6eee5711ee052fb9f5bca3c7b48e08

Scanner detections:
5 / 68

Status:
Potentially unwanted

Explanation:
The program will mine for BitCoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:
4/26/2024 5:26:56 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/CoinMiner.hyse
7.11.189.70

avast!
Win.Threat.Undefined
141119-1

Dr.Web
hacktool program Tool.BtcMine.433
9.0.1.05190

ESET NOD32
Win32/BitCoinMiner.BV potentially unsafe application
7.0.302.0

Kaspersky
not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner
15.0.0.543

File size:
784.5 KB (803,328 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
WindowsApplication1.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
11/27/2014 8:36:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:R80Cr1luR8cE593S8W+iH/pFNmqs9JSLXerhMmCKoi5/8Trzaaa:RWxluR8z93S81iH/pjmxWi5/8Tqaa

Entry address:
0xC4D1E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
779.5 KB (798,208 bytes)

Remove WindowsApplication1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.