» awh8aba.tmp
Overview
Analysis
File Details
Downloads (1)

awh8aba.tmp

Setup

Open Source

The file awh8aba.tmp has been detected as a potentially unwanted program by 21 anti-malware scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power. The file has been seen being downloaded from setup-14b7.kxcdn.com.

File name:

awh8aba.tmp

Publisher:

Open Source

Product:

Setup

Version:

1.2

MD5:

b8515f43a917188d05d632b822f9b032

SHA-1:

5fe1415c18fcc8c510880aa913dae684ea8f2f0f

Scanner detections:

21 / 68

Status:

Potentially unwanted

Explanation:

The program will mine for BitCoins using the computer's GPU in the background and may be installed and run without the user's knowledge.

Analysis date:

11/24/2024 6:20:22 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.Agent

7.1.1

Avira AntiVirus

TR/BitCoinMiner.4628256

8.3.2.2

avast!

Multi:BitCoinMiner-B [PUP]

2014.9-151114

AVG

Generic

2016.0.2926

Baidu Antivirus

Hacktool.Win32.BitCoinMiner

4.0.3.151114

Clam AntiVirus

Win.Trojan.Bitcoinminer-100

0.98/21511

Dr.Web

Trojan.BtcMine.725

9.0.1.0318

ESET NOD32

Win32/BitCoinMiner.BY potentially unsafe (variant)

9.12482

Fortinet FortiGate

Riskware/BitCoinMiner

11/14/2015

G Data

Archive.Application.Agent.QSCHHO

15.11.25

IKARUS anti.virus

PUA.BitCoinMiner

t3scan.1.9.5.0

K7 AntiVirus

Unwanted-Program

13.212.17685

Kaspersky

not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner

14.0.0.1125

McAfee

Artemis!B8515F43A917

5600.6582

Panda Antivirus

Trj/CI.A

15.11.14.12

Qihoo 360 Security

HEUR/QVM42.1.Malware.Gen

1.0.0.1015

Quick Heal

RiskTool.BitCoinMin.09327

11.15.14.00

Sophos

CpuMiner (PUA)

4.98

Trend Micro

TROJ_GE.F5D16A89

10.465.14

VIPRE Antivirus

RiskTool.Win32.BitCoinMiner (not malicious)

44892

ViRobot

Adware.Bitcoinminer.4288816[h]

2014.3.20.0

File size:

4.1 MB (4,288,816 bytes)

Product version:

1.2

2015 - Open Source

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\awh8aba.tmp

The file awh8aba.tmp has been seen being distributed by the following URL.

http://setup-14b7.kxcdn.com/setup.exe

Remove awh8aba.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.