yac64sse41.exe

The application yac64sse41.exe has been detected as a potentially unwanted program by 18 anti-malware scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware forces infected computers to generate Bitcoins for cybercriminals, consuming the machine's computing power.
MD5:
08014611bc9103815649bc57fa6e1da0

SHA-1:
ed87e9feeacd6c2d1c3b0c8745234b78edc3122b

Scanner detections:
18 / 68

Status:
Potentially unwanted

Explanation:
The program mines for Bitcoins in the background using the computer's GPU, and may be installed and run without the user's knowledge.

Analysis date:
7/5/2025 8:59:47 AM UTC

Scan engine             Detection                                Engine version
Lavasoft Ad-Aware       Trojan.Generic.12154051                  786
avast!                  Win32:Miner-B [PUP]                      2014.9-141206
Baidu Antivirus         Hacktool.Win64.BitCoinMiner              4.0.3.14126
Bitdefender             Trojan.Generic.12154051                  1.0.20.1725
Emsisoft Anti-Malware   Trojan.Generic.12154051                  8.14.12.11.12
ESET NOD32              Win64/BitCoinMiner (variant)             8.10725
Fortinet FortiGate      Riskware/BitCoinMiner                    12/11/2014
F-Secure                Trojan.Generic.12154051                  11.2014-11-12_5
G Data                  Trojan.Generic.12154051                  14.12.24
IKARUS anti.virus       not-a-virus:RiskTool.BitCoinMiner        t3scan.1.8.3.0
K7 AntiVirus            Trojan                                   13.185.14021
Kaspersky               not-a-virus:RiskTool.Win32.BitCoinMiner  14.0.0.2838
McAfee                  Artemis!08014611BC91                     5600.6925
MicroWorld eScan        Trojan.Generic.12154051                  15.0.0.1035
Qihoo 360 Security      Win32/Trojan.Multi.a56                   1.0.0.1015
Reason Heuristics       Threat.Win.Reputation.IMP                14.12.11.0
Sophos                  Bitcoin Miner                            4.98
Trend Micro House Call  Suspicious_GEN.F47V1115                  7.2.345

File size:
2.4 MB (2,555,392 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\yac64sse41.exe

File PE Metadata
Compilation timestamp:
11/12/2014 7:10:09 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
2.23

CTPH (ssdeep):
49152:S+Nmb21n8TE83Zk7qibTtnWl2xdv2QMkfH8KM/F0pav34qENKmfjzT5:x19eMxjxFR8KM90paPuB5

Entry address:
0x14D0

Entry point:
48, 83, EC, 28, C7, 05, C2, D5, 26, 00, 00, 00, 00, 00, E8, DD, 16, 1D, 00, E8, 98, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 53, 48, 83, EC, 20, 48, 85, C9, 48, 89, CB, 74, 43, 83, 39, 01, 74, 2E, 48, 89, D9, 48, C7, 03, 00, 00, 00, 00, 48, C7, 43, 08, 00, 00, 00, 00, 48, C7, 43, 10, 00, 00, 00, 00, 48, 83, C4, 20, 5B, E9, 7A, 72, 1D, 00, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, 49, 10, E8, 67, 72, 1D, 00, EB, C7, 0F, 1F, 44, 00, 00, 48, 83, C4, 20, 5B, C3, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00...
Code size:
1.8 MB (1,937,408 bytes)