home

4329.exe

The application 4329.exe has been detected as a potentially unwanted program by 38 anti-malware scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power.
MD5:
0dab4181516362fd614ddcda1d18791c

SHA-1:
686f79904301b565d2b1e4541b7d038c342ce334

Scanner detections:
38 / 68

Status:
Potentially unwanted

Explanation:
The program will mine for BitCoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:
11/29/2024 4:32:14 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Graftor.34132
-40

AegisLab AV Signature
Troj.Dropper.W32.Agent.lDsu
2.1.4+

AhnLab V3 Security
Dropper/Win32.Injector
2016.05.13

Avira AntiVirus
TR/Zusy.5856.1
8.3.3.4

Arcabit
Trojan.Graftor.D8554
1.0.0.680

avast!
Win32:BitCoinMiner-CL [PUP]
2014.9-170316

AVG
Win32/DH{VA?}
2018.0.2438

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
4.0.3.17316

Bitdefender
Gen:Variant.Graftor.34132
1.0.20.375

Bkav FE
W32.DropperVicenorA.Trojan
1.3.0.7717

Comodo Security
TrojWare.Win32.CoinMiner.AW
25007

Dr.Web
Trojan.Siggen4.40328
9.0.1.075

Emsisoft Anti-Malware
Gen:Variant.Graftor.34132
8.17.03.16.09

ESET NOD32
Win32/CoinMiner.AW (variant)
11.13481

Fortinet FortiGate
W32/Injector.HBMP!tr
3/16/2017

F-Prot
W32/BitCoin.H.gen
v6.4.7.1.166

F-Secure
Gen:Variant.Graftor.34132
11.2017-16-03_5

G Data
Gen:Variant.Graftor.34132
17.3.25

IKARUS anti.virus
Virus.Win32.Heur
t3scan.2.0.9.0

K7 AntiVirus
Trojan
13.225.19582

Kaspersky
Trojan.Win32.Inject
14.0.0.-1317

Malwarebytes
Trojan.BitCoinMiner
v2017.03.16.09

McAfee
Generic-FAGB!0DAB41815163
5600.6094

Microsoft Security Essentials
Trojan:Win32/Vicenor.B
1.1.12706.0

MicroWorld eScan
Gen:Variant.Graftor.34132
18.0.0.225

NANO AntiVirus
Trojan.Win32.Injector.bqobqn
1.0.30.8213

nProtect
Trojan-Dropper/W32.Injector.232960.B
16.05.12.01

Panda Antivirus
Trj/Genetic.gen
17.03.16.09

Qihoo 360 Security
Win32/Trojan.Dropper.ec7
1.0.0.1120

Quick Heal
TrojanDropper.Injector.r3
3.17.14.00

Rising Antivirus
Trjoan.Generic-6jwVu0SaKKG (Cloud)
23.00.65.17314

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_SPNR.14CL13
7.2.75

Trend Micro
TROJ_SPNR.14CL13
10.465.16

Vba32 AntiVirus
Malware-Cryptor.Inject.gen
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Injector.bm
49326

ViRobot
Dropper.A.Injector.232960.K[h]
2014.3.20.0

Zillya! Antivirus
Dropper.Injector.Win32.49717
2.0.0.2860

File size:
227.5 KB (232,960 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Application data\4329.exe

File PE Metadata
Compilation timestamp:
12/12/2012 4:44:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, C4, D0, F9, FF, FF, 68, F4, 01, 00, 00, E8, 59, 82, 03, 00, 68, FD, B0, 43, 00, E8, C3, 01, 00, 00, 0B, C0, 74, 07, 6A, 00, E8, F0, 81, 03, 00, 6A, 00, E8, FB, 81, 03, 00, A3, F9, B0, 43, 00, 68, 00, 02, 00, 00, 8D, 85, 00, FC, FF, FF, 50, FF, 35, F9, B0, 43, 00, E8, D9, 81, 03, 00, C7, 85, FC, FB, FF, FF, 00, 00, 00, 00, 8D, 0D, 8A, 85, 43, 00, 68, 4C, B1, 43, 00, 8D, 85, 00, FC, FF, FF, 50, 51, E8, 11, 02, 00, 00, 0B, C0, 75, 17, 83, 85, FC, FB, FF, FF, 01, 81, BD, FC, FB, FF, FF, 10, 27...
 
[+]

Entropy:
7.9311

Developed / compiled with:
Microsoft Visual C++

Code size:
225 KB (230,400 bytes)

Remove 4329.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.