How to remove $RUMJDKE.exe
$RUMJDKE.exe
The module $RUMJDKE.exe has been detected as Trojan.CoinMiner
File Details
MD5: c720ac483a5752c2b69945a8ad673162
Size: 1 MB
First Published: 2018-10-18 03:12:09 (5 years ago)
Latest Published: 2020-10-13 09:42:05 (3 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2020-10-13 09:42:05 (3 years ago)
%temp%
%appdata%
%system%\config\systemprofile\appdata\roaming
%windir%
%sysdrive%
%sysdrive%\$recycle.bin
%commonstartup%
%startup%
%programfiles%\trend micro\security server
%profile%
Windows Server 2012 R2: 39.5%
Windows 7: 38.5%
Windows Server 2008 R2: 9.8%
Windows 10: 7.3%
Windows Server 2012: 2.1%
Windows Vista: 1.1%
Windows 8.1: 0.9%
Windows 8: 0.6%
Windows XP: 0.1%
Analysis
Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000030fa
Name | Size of data | MD5
.text | 24064 | c52a72deb0170941d392ec38c6aeafd0
.rdata | 5120 | dc77f8a1e6985a4361c55642680ddb4f
.data | 1024 | 723ad80df002dc5421798f4307abe5cf
.ndata | 0 | 00000000000000000000000000000000
.rsrc | 64512 | ee9aecf27d661d9ac31ffd7f0a54eb7d