How to remove $RQ2B0S3.exe

» File
File Details
Overview
Analysis

$RQ2B0S3.exe

The module $RQ2B0S3.exe has been detected as Trojan.CoinMiner

Remove $RQ2B0S3.exe

File Details

Main Info:

Product Name:	Main Services
Company Name:	System Native
MD5:	d117bcec836985e708099b7fb123aa84
Size:	558 KB
First Published:	2018-01-12 06:08:48 (7 years ago)
Latest Published:	2018-07-18 09:17:42 (6 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2018-07-18 09:17:42 (6 years ago)

Overview

Digital Signature

Signed By:	Garry Lachman
Status:	Valid

Common Places:

%programfiles%\system native

%windir%\temp

%sysdrive%\$recycle.bin

%sysdrive%\$recycle.bin\s-1-5-21-617333665-1130277085-2315668691-1001\$r9weqnj

File Names:

updater.exe

$RQ2B0S3.exe

Geography:

	13.9%
	13.4%
	10.2%
	9.6%
	8.0%
	5.9%
	3.2%
	3.2%
	2.7%
	2.7%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	1.6%
	1.6%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%

OS Version:

Windows 7	47.1%
Windows 10	45.5%
Windows 8.1	4.8%
Windows 8	2.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0003cc73

PE Sections:

Name	Size of data	MD5
.text	369664	a0afd883bf5b51471fb96b53aad5a9ec
.rdata	112128	fc950a3e7af62207b3c078c2df85a24c
.data	4096	d914976d80d650f9b8112756fe9dddf2
.rsrc	55808	de51c8105bac414270c78987ff5673a6
.reloc	21504	4ab5b1d9a7de96dd11722b785d8303ef

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RQ2B0S3.exe

copyright for information about $RQ2B0S3.exe

How to remove $RQ2B0S3.exe

$RQ2B0S3.exe

The module $RQ2B0S3.exe has been detected as Trojan.CoinMiner

File Details

Main Info:

Main Services

System Native

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: