How to remove $RGDZ3MM.exe

» File
File Details
Overview
Analysis

$RGDZ3MM.exe

The module $RGDZ3MM.exe has been detected as Trojan.CoinMiner

$RGDZ3MM.exe

Remove $RGDZ3MM.exe

File Details

Main Info:

MD5:	303da26e355099cb1f39aa430231f417
Size:	498 KB
First Published:	2017-11-03 19:18:35 (6 years ago)
Latest Published:	2018-06-24 07:02:53 (5 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2018-06-24 07:02:53 (5 years ago)

Overview

Digital Signature

Signed By:	OOO, "Diod"
Status:	Valid

Common Places:

%windir%\microsoft

%sysdrive%\$recycle.bin\s-1-5-21-1937830806-2856855627-2308550042-1000

%windir%

File Names:

svchost.exe.exe

$RGDZ3MM.exe

$RV2ZGTS.exe

Geography:

	17.0%
	12.8%
	10.6%
	10.6%
	10.6%
	8.5%
	4.3%
	4.3%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%

OS Version:

Windows 10	46.8%
Windows 7	34.0%
Windows 8.1	14.9%
Windows 8	4.3%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00025c64

PE Sections:

Name	Size of data	MD5
.text	352768	0ff020e815f4fd616b77f563098cb618
.rdata	114176	67318dce3bb662f0c08722dc8e0ed046
.data	14336	ab05d323449fe68dcd9289a3447f9c96
.pdata	18944	7cdd887ec7ed5412c1671a36baf05a6f
.rsrc	512	76da06eac51664280ffa175d39a47fb9
.reloc	3584	aa0d3dc211b90a995e1b94ef8d3797b2

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RGDZ3MM.exe

copyright for information about $RGDZ3MM.exe