» actionv1-online1.rar
Overview
Analysis
File Details
Downloads (1)

actionv1-online1.rar

The file actionv1-online1.rar has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power. The file has been seen being downloaded from d11.usercdn.com.

File name:

MD5:

240f64185999202f0c84c29004ce0aea

SHA-1:

e646ea34d3aee4eaed12aeb8c38b7168384942ff

SHA-256:

5eb488d2a67c05764cf5d9fadb38dd76341cc0bbd2be049fe8aed07ba38d1004

Scanner detections:

27 / 68

Status:

Potentially unwanted

Explanation:

The program will mine for BitCoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:

12/26/2024 5:14:11 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.198089

387

Agnitum Outpost

PUP.Patcher

7.1.1

Arcabit

Trojan.Kazy.D305C9

1.0.0.585

avast!

Win32:Patcher-AK [PUP]

2014.9-160114

Baidu Antivirus

HackTool.Win32.Patcher.H1210s

4.0.3.16114

Bitdefender

Gen:Variant.Kazy.198089

1.0.20.70

Comodo Security

TrojWare.Win32.Agent.WFN

23487

Emsisoft Anti-Malware

Gen:Variant.Kazy.198089

8.16.01.14.05

ESET NOD32

Win32/HackTool.Patcher.AD potentially unsafe (variant)

10.12475

Fortinet FortiGate

Riskware/GamePatcher

1/14/2016

F-Prot

W32/Agent.KFY

v6.4.7.1.166

F-Secure

Gen:Variant.Kazy.198089

11.2016-14-01_5

G Data

Gen:Variant.Kazy.198089

16.1.25

K7 AntiVirus

Trojan

13.212.17669

Malwarebytes

HackTool.Patcher

v2016.01.14.05

McAfee

RDN/Generic PUP.z

5600.6521

MicroWorld eScan

Gen:Variant.Kazy.198089

17.0.0.42

Panda Antivirus

Generic Suspicious

16.01.14.05

Qihoo 360 Security

HEUR/QVM20.1.Malware.Gen

1.0.0.1015

Quick Heal

Riskware.Dupatcher.A4

1.16.14.00

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F]

23.00.65.16112

Sophos

Troj/Agent-WFN

4.98

Trend Micro House Call

TROJ_GE.9F5CEC47

7.2.14

Trend Micro

TROJ_GE.9F5CEC47

10.465.14

Vba32 AntiVirus

Trojan.BAT.BitCoinMiner

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Agent.wfn

44860

Zillya! Antivirus

Tool.Patcher.Win32.13166

2.0.0.2478

File size:

630.9 KB (646,089 bytes)

Common path:

C:\users\{user}\downloads\actionv1-online1.rar

The file actionv1-online1.rar has been seen being distributed by the following URL.

https://d11.usercdn.com/d/.../Actionv1-Online1.rar

Remove actionv1-online1.rar - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.