How to remove $R3OIL96.exe

» File
File Details
Overview
Analysis

$R3OIL96.exe

The module $R3OIL96.exe has been detected as SuspCPUMiner

$R3OIL96.exe

Remove $R3OIL96.exe

File Details

Main Info:

Product Name:	Gridinsoft® Trojan Killer Portable
Company Name:	Gridinsoft LLC
MD5:	3facb3f36bc20ab43160c6ec8d8301f6
Size:	17 MB
First Published:	2020-07-23 11:44:23 (5 years ago)
Latest Published:	2021-01-03 13:14:07 (4 years ago)

Analysis:

Status:	SuspCPUMiner (on last analysis)
Analysis Date:	2021-01-03 13:14:07 (4 years ago)

Common Places:

%sysdrive%\$recycle.bin

%programfiles%

%programfiles%

%desktop%\software\trojan killer 2.1.13\data

%temp%\_tc1\trojan killer 2.1.13\data

Geography:

	20.0%
	20.0%
	20.0%
	20.0%
	20.0%

OS Version:

Windows 10	60.0%
Windows 7	20.0%
Windows 8.1	20.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000400000
Entry Address:	0x00973e20

PE Sections:

Name	Size of data	MD5
.text	10055168	4d709834e85c9f956cb50eedc0ded7ba
.data	947200	2a64d265e87ee1ee4f3d6266bd9b8640
.bss	0	d41d8cd98f00b204e9800998ecf8427e
.idata	48128	33053b1c8ac2cdc896266a50383aa092
.didata	5632	0b6114de200e665cb56e6e572199984e
.edata	512	ea1e3127ed8c7b134930f49248c35f35
.tls	0	d41d8cd98f00b204e9800998ecf8427e
.rdata	512	b50ecbd1e2a5561b6ea2092aff1c8c89
.reloc	483328	998db1c66a173df56f108930c986d54f
.pdata	506368	4de92ae9fe4688c2a11fed83839b1477
.rsrc	6564864	22f333502879b5a6080e8238a419ba08

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $R3OIL96.exe

copyright for information about $R3OIL96.exe