Threat Database Potentially Unwanted Programs PUP.Coinminer.QGA

PUP.Coinminer.QGA

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Coinminer.QGA
Signature status:	No Signature

Known Samples

MD5: 17eb5691f68774a061f7d2dc897b309b

SHA1: ac2c7adba730d0360e8bbf72bc78ac966216ee3e

SHA256: FE83358CEDAA5429EED1BD236DCED8E1AF045BEB42627E1E625C2CEEC6EA8FD9

File Size: 380.93 KB, 380928 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is 64-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	Microsoft Corporation
File Description	Auto-extracteur de fichier CAB Win32 Win32 Cabinet Self-Extractor
File Version	11.00.18362.418 (WinBuild.160101.0800) 11.00.18362.356 (WinBuild.160101.0800)
Internal Name	Wextract
Legal Copyright	© Microsoft Corporation. All rights reserved. © Microsoft Corporation. Tous droits réservés.
Original Filename	WEXTRACT.EXE .MUI
Product Name	Internet Explorer
Product Version	11.00.18362.418 11.00.18362.356

File Traits

CAB SFX
HighEntropy
Wextract
x64

Windows API Usage

Category

API

Syscall Use

ntdll.dll!NtAlpcSendWaitReceivePort
ntdll.dll!NtClose
ntdll.dll!NtCreateFile
ntdll.dll!NtCreateSection
ntdll.dll!NtFreeVirtualMemory
ntdll.dll!NtMapViewOfSection
ntdll.dll!NtOpenKey
ntdll.dll!NtProtectVirtualMemory
ntdll.dll!NtQueryInformationThread
ntdll.dll!NtQueryInformationToken

Show More

ntdll.dll!NtQueryValueKey
ntdll.dll!NtQueryVirtualMemory
ntdll.dll!NtSetEvent
ntdll.dll!NtTerminateProcess
ntdll.dll!NtTestAlert
ntdll.dll!NtWriteFile
ntdll.dll!NtWriteVirtualMemory
win32u.dll!NtUserGetKeyboardLayout
win32u.dll!NtUserGetThreadState

Trending

Astaroth Banking Trojan

October 14, 2025

Cybersecurity researchers have identified a fresh campaign delivering the Astaroth banking trojan that deliberately uses legitimate services as a fallback to survive takedowns. Rather than relying...

Unhindering.app

Adware, Mac Malware

December 29, 2023

The Unhindering.app is a noxious adware and Mac malware that has been causing havoc among users. This unsafe software not only impacts the performance of your Mac but also compromises your privacy...

Webmail Server Alert Scam

October 13, 2025

In the constantly evolving landscape of cyber threats, scams disguised as legitimate notifications are becoming increasingly sophisticated. The Webmail Server Alert Scam is a prime example, targeting unsuspecting users with fraudulent emails that appear to come from reputable webmail services. These emails are not associated with any legitimate companies, organizations, or service providers and...

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

June 29, 2021 52,510

Printers are notorious for refusing to do their job whenever the user needs it the most. Luckily, if your printer is displaying the Printer Driver is Unavailable' error, then there are a couple of...

Discord Is Stuck on Gray Screen

September 15, 2021 40,314

Sometimes, while using the Discord application, users may get stuck on a gray screen. The problem may occur while streaming or simply loading the application. If this has happened to you and you...

Discord Shows Black Screen when Sharing Screen screenshot

Discord Shows Black Screen when Sharing Screen

June 21, 2021 38,399

When it first launched, Discord was a VoIP platform geared toward the gaming community. However, in the following years, it expanded its scope, added numerous new features, and became one of the...

Loading...