How to remove BIT29EE.tmp
- File Details
- Overview
- Analysis
BIT29EE.tmp
The module BIT29EE.tmp has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| MD5: |
cad4eb95783a855d7eec4784d7a72cbc |
| Size: |
1 MB |
| First Published: |
2017-10-19 05:02:22 (6 years ago) |
| Latest Published: |
2018-07-05 12:03:43 (6 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2018-07-05 12:03:43 (6 years ago) |
| %appdata%\msvc |
| %appdata%\9482147 |
| %appdata%\iespou |
| %appdata% |
| %programfiles%\program files\roaming |
| %sysdrive% |
| msvc.exe |
| BIT29EE.tmp |
| BIT4700.tmp |
| BITA94B.tmp |
| BIT3A15.tmp |
| BIT988D.tmp |
| BIT386F.tmp |
| BIT1E26.tmp |
| Windows 7 |
77.3% |
|
| Windows 8.1 |
13.6% |
|
| Windows 10 |
9.1% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00001500 |
| Name |
Size of data |
MD5 |
| .text |
662528 |
1276f90db113f233118ba6e2aa5f5a62 |
| .data |
1024 |
c3466a9f1466af723f141d1dc63aab82 |
| .rdata |
61952 |
b1408d961f446bed43fea1ac323acd44 |
| .eh_fram |
110080 |
03c00babff1e3e99f15f28b3c6fef4a5 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
8704 |
7f5decfd917023f9195814d1e7f37185 |
| .CRT |
512 |
7afa79e754c255ff3514759f6037c57f |
| .tls |
512 |
3b8b87a115df9e15a7d3f5ac85066412 |
| .rsrc |
372416 |
ef0f657439e129fe9a0a7538aec3c1d9 |
