How to remove 1.exe

» File
File Details
Overview
Analysis

1.exe

The module 1.exe has been detected as Trojan.CoinMiner

Remove 1.exe

File Details

Main Info:

Product Name:	ISUSScheduler
Company Name:	InstallShield Software
MD5:	b3f804bc737b0b59f1e0188964908041
Size:	1 MB
First Published:	2017-05-21 21:05:30 (8 years ago)
Latest Published:	2021-11-17 21:12:03 (3 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2021-11-17 21:12:03 (3 years ago)

Common Places:

%localappdata%\pokemongo\issch

%localappdata%\microsoft help\issch

%appdata%\treecardgames\issch

%appdata%\ghisler\issch

%localappdata%\rockstar games\issch

%appdata%\idm\issch

%appdata%\com.freakinware.mitosis\issch

%appdata%\media player classic\issch

%appdata%\stagemanager.bd092818f67280f4b42b04877600987f0111b594.1\issch

%localappdata%\microsoft games\issch

File Names:

issch.exe

1.exe

Geography:

	25.5%
	23.4%
	19.1%
	10.6%
	6.4%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%
	2.1%

OS Version:

Windows 10	63.8%
Windows 7	27.7%
Windows 8.1	8.5%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000014c0

PE Sections:

Name	Size of data	MD5
.text	966144	1085d5bd6c0a831adad879abfa999cad
.data	12288	927c39343cc76f2feb845b62dc0e2022
.rdata	317952	f0f1fb1d7bf04f0cb43961abe0403250
.eh_fram	8704	b577f332b184c48f49e5f7f1f7e61802
.bss	0	00000000000000000000000000000000
.idata	6656	a50238ebb35b3cdf209a700d4274ae19
.CRT	512	b61eb2aa49a7269d0e49e9b79ff420a9
.tls	512	f3dcb0fa6395f91c48da248a4b60e636
.rsrc	2560	887a8bbf86890ed4f5f1b9265861aab3

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for 1.exe

How to remove 1.exe

1.exe

The module 1.exe has been detected as Trojan.CoinMiner

File Details

Main Info:

ISUSScheduler

InstallShield Software

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: