How to remove AMD.exe
AMD.exe
The module AMD.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | MicrosoftHost |
| Company Name: | Microsoft Corporation |
| MD5: | 1d56b2fe6bcbaf866e32a319c85beca6 |
| Size: | 997 KB |
| First Published: | 2018-10-16 14:03:14 (6 years ago) |
| Latest Published: | 2018-11-14 13:11:33 (6 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-11-14 13:11:33 (6 years ago) |
Common Places:
| %commonappdata% |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\2b4691wb |
Geography:
| 71.4% | ||
| 28.6% |
OS Version:
| Windows 7 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x0003f1d4 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 616448 | 7570962a77712bf1f41eef820f474b32 |
| .rdata | 285696 | c3b079093e28829a36c7bf7a78e8e9ce |
| .data | 35328 | 10ed38d588bc8527f5eae3f11029f49a |
| .pdata | 29184 | 9637aa27b72ac1aadb4d35ba23998cd6 |
| .rsrc | 48640 | 53357576e04dcc2bd739aad426f59241 |
| .reloc | 5120 | d5f03077fa267cadc6a10de648969aeb |
More information:
Download GridinSoft
Anti-Malware - Removal tool for AMD.exe
