Should I block it?

98%
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections

Relationships

PE structurePE file structure
Show functions
Import table
kernel32.dll
CreateFileA, DeleteCriticalSection, EnterCriticalSection, ExitProcess, FreeLibrary, GetConsoleScreenBufferInfo, GetLastError, GetModuleHandleA, GetProcAddress, GetStdHandle, GetSystemTimeAsFileTime, InitializeCriticalSection, InterlockedExchange, IsDBCSLeadByteEx, LeaveCriticalSection, LoadLibraryA, MultiByteToWideChar, PurgeComm, QueryDosDeviceA, SetCommConfig, SetCommTimeouts, SetConsoleCursorPosition, SetUnhandledExceptionFilter, Sleep, SleepEx, TlsGetValue, VirtualProtect, VirtualQuery, WideCharToMultiByte
libblkmaker_jansson-0.1-0.dll
blkmk_submit_jansson, blktmpl_add_jansson, blktmpl_request_jansson
libblkmaker-0.1-0.dll
blkmk_append_coinbase_safe, blkmk_get_data, blkmk_sha256_impl, blkmk_time_left, blkmk_work_left, blktmpl_addcaps, blktmpl_create, blktmpl_free, blktmpl_get_longpoll, strcasecmp
libcurl-4.dll
curl_easy_cleanup, curl_easy_init, curl_easy_perform, curl_easy_reset, curl_easy_setopt, curl_global_cleanup, curl_global_init, curl_slist_append, curl_slist_free_all, curl_version_info
libjansson-4.dll
json_array_get, json_array_size, json_deep_copy, json_delete, json_dumps, json_integer, json_integer_value, json_load_file, json_loadb, json_loads, json_number_value, json_object, json_object_get, json_object_set_new, json_real, json_real_value, json_string, json_string_value
libusb-1.0.dll
libusb_bulk_transfer@24, libusb_claim_interface@8, libusb_close@4, libusb_control_transfer@32, libusb_exit@4, libusb_free_device_list@8, libusb_get_bus_number@4, libusb_get_device_address@4, libusb_get_device_descriptor@8, libusb_get_device_list@8, libusb_get_string_descriptor_ascii@16, libusb_init@4, libusb_open@8, libusb_release_interface@8
msvcrt.dll
DllMain
pdcurses.dll
LINES, cbreak, delwin, echo, endwin, getmaxx, getmaxy, halfdelay, idlok, immedok, initscr, keypad, leaveok, mvwhline, mvwin, mvwprintw, newwin, nocbreak, noecho, scrollok, stdscr, touchwin, vw_printw, wattroff, wattron, wclear, wclrtoeol, wgetch, wgetnstr, wmove, wprintw, wrefresh, wresize
pthreadgc2.dll
pthread_cancel, pthread_cond_broadcast, pthread_cond_destroy, pthread_cond_init, pthread_cond_signal, pthread_cond_timedwait, pthread_cond_wait, pthread_create, pthread_detach, pthread_join, pthread_mutex_destroy, pthread_mutex_init, pthread_mutex_lock, pthread_mutex_trylock, pthread_mutex_unlock, pthread_rwlock_init, pthread_rwlock_rdlock, pthread_rwlock_unlock, pthread_rwlock_wrlock, pthread_self, pthread_setcancelstate, pthread_setcanceltype, ptw32_pop_cleanup, ptw32_push_cleanup
winmm.dll
timeBeginPeriod, timeEndPeriod
ws2_32.dll
WSAGetLastError, WSAIoctl, accept, bind, closesocket, htonl, htons, inet_addr, inet_ntoa, listen, recv, select, send, shutdown, socket

ccc.exe

Remove ccc.exe
MD5:   4b1df9c3c1d385b5f5625825fdb2788a
SHA1:   0c410e362baa667060806f5364216eead8ad0fbd
SHA256:   7b248efd823e27f12eaaebac6b3bc3a93aef6e867774d316dbb562a7ce37a40d
Warning 26 antivirus scanners has detected malware.

Overview

ccc.exe is malware that executes as a process with the local user's privileges typically within the context of its parent cmd.exe (Windows Command Processor by Microsoft). This particular version is usually found on Windows 7 Ultimate (6.1.7601.65536).

DetailsDetails

File name:ccc.exe
Typical file path:C:\users\user\appdata\local\temp\3774.tmp\ccc.exe
Size:385 KB (394,240 bytes)
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

MalwareMalware detections

Based on 40+ industry antivirus scanners, 26 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum 5.5.1.3 RiskTool.BitCoinMiner!twIyKEl7oM8
avast! 6.0.1289.0 Win32:Malware-gen
AVG 2014.0.3629 Generic30.CFLU
BitDefender 7.2 Application.BitCoinMiner.AH
Commtouch 5.4.1.7 W32/Trojan.NNFN-2123
Comodo Internet Security 16318 TrojWare.Win32.BitMiner.~A
Emsisoft Anti-Malware 3.0.0.575 Application.BitCoinMiner.AH (B)
ESET NOD32 7.8372 a variant of Win32/BitCoinMiner.L
Fortinet 5.0.43.0 W32/BitCoinMiner.L
F-Secure 11.0.19020.35 Application.BitCoinMiner.AH
G Data 13.6.22 Application.BitCoinMiner.AH
Ikarus T3.1.4.0.0 Win32.SuspectCrc
K7 AntiVirus 9.168.8751 Riskware
K7GW 12.7.0.12 Riskware
Kaspersky 9.0.0.837 not-a-virus:RiskTool.Win32.BitCoinMiner.cgf
Malwarebytes 1.75.0.1 Trojan.BCMiner
McAfee 5.400.1158 Artemis!4B1DF9C3C1D3
McAfee Gateway Anti-Malware v2012.1-dat Heuristic.LooksLike.Win32.Suspicious.J!89
eScan by MicroWorld 12.0.250.0 Application.BitCoinMiner.AH
NANO AntiVirus 0.24.0.52214 Trojan.Win32.BitCoinMiner.bgjzbf
Norman 7.01.04 Troj_Generic.GKEEZ
Panda Antivirus 10.0.3.5 Trj/OCJ.C
Symantec 20131.1.0.101 WS.Reputation.1
Trend Micro 9.740.0.1012 TROJ_GEN.RCBZ7B8
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.RCBZ7B8
VIPRE Antivirus 18084 Trojan.Win32.Generic!BT

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00079650%
0.028634%
Kernel CPU:0.00044782%
0.013761%
User CPU:0.00034868%
0.014873%
Kernel CPU time:25,309,134,237 ms/min
100,923,805ms/min
Memory
Private memory:63.22 MB
21.59 MB
Private (maximum):54.1 MB
Private (minimum):25.32 MB
Non-paged memory:63.22 MB
21.59 MB
Virtual memory:208.05 MB
140.96 MB
Virtual memory (peak):216.05 MB
169.69 MB
Working set:25.32 MB
18.61 MB
Working set (peak):55.02 MB
37.95 MB
Resource allocations
Threads:18
12
Handles:3872
600
GUI GDI count:4
103
GUI GDI peak:6
142
GUI USER count:6
49
GUI USER peak:7
71

BehaviorsProcess properties

Integrety level:High
Platform:32-bit
Command line:ccc.exe -k phatk -o httC://amdcatalyst.leet.lC:80 -u 123 -p 123 -i 1
Owner:User
Parent process:cmd.exe (Windows Command Processor by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 100.00%

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
GIGABYTE 100.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE