How to remove DefaultUI.exe
- File Details
- Overview
- Analysis
DefaultUI.exe
The module DefaultUI.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
13e0637409764c52d6ba186803855685 |
| Size: |
44 KB |
| First Published: |
2018-09-06 10:09:17 (6 years ago) |
| Latest Published: |
2020-10-01 03:44:34 (4 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2020-10-01 03:44:34 (4 years ago) |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
| %commonappdata%\{ad55e916-8a04-4218-8d53-a7653b27079d}\offline\fa9cf7a |
|
21.4% |
|
|
14.3% |
|
|
14.3% |
|
|
7.1% |
|
|
7.1% |
|
|
7.1% |
|
|
7.1% |
|
|
7.1% |
|
|
7.1% |
|
|
7.1% |
|
| Windows 10 |
50.0% |
|
| Windows 7 |
42.9% |
|
| Windows 8.1 |
7.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00003e6d |
| Name |
Size of data |
MD5 |
| .text |
23040 |
12ec2581fcdc5b9cafcc454075982a0d |
| .rdata |
4608 |
3e805a35b825962484e84513e732e342 |
| .data |
1024 |
9a5927422dc65c645173b5c0f3c8e8de |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
8704 |
e4fff573128b83289c8bdc92a548ecc9 |
