How to remove lsma12.exe
lsma12.exe
The module lsma12.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | XMRig |
| Company Name: | ssssssssss |
| MD5: | e1c631dd46645aff359d94b6050902f4 |
| Size: | 701 KB |
| First Published: | 2020-09-27 21:22:02 (4 years ago) |
| Latest Published: | 2024-04-18 23:06:53 (a year ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2024-04-18 23:06:53 (a year ago) |
Common Places:
| %windir%\inf |
| %windir%\inf |
| %windir%\inf |
| %system%\config\systemprofile\appdata\local\microsoft\windows\temporary internet files |
| %windir%\inf |
| %system%\config\systemprofile\appdata\local\microsoft\windows\temporary internet files |
| %system%\config\systemprofile\appdata\local\microsoft\windows\inetcache |
| %system%\config\systemprofile\appdata\local\microsoft\windows\inetcache |
| %system%\config\systemprofile\appdata\local\microsoft\windows\inetcache |
| %system%\config\systemprofile\appdata\local\microsoft\windows\inetcache |
Geography:
| 51.0% | ||
| 25.6% | ||
| 5.0% | ||
| 3.9% | ||
| 3.3% | ||
| 1.9% | ||
| 1.1% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% |
OS Version:
| Windows Server 2012 R2 | 54.3% | |
| Windows Server 2008 R2 | 36.4% | |
| Windows 7 | 4.4% | |
| Windows Server 2012 | 2.8% | |
| Windows Server 2003 | 1.1% | |
| Windows XP | 1.1% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x004e08a0 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | d41d8cd98f00b204e9800998ecf8427e |
| UPX1 | 693760 | c9819b1ac93ad2d148f7a4e7b00cf16a |
| .rsrc | 23552 | 00ea3359e25f3203449a0b830f60001e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for lsma12.exe
