How to remove Locker_native.exe

Locker_native.exe

The module Locker_native.exe has been detected as Trojan.CoinMiner

Locker_native.exe
Remove Locker_native.exe

File Details

Product Name:

Locker_native
Company Name:

AesLocker Inc.
MD5: a4fa65f0d873fe4d8b1f0a1682c5af36
Size: 543 KB
First Published: 2020-09-28 11:32:18 (5 years ago)
Latest Published: 2026-04-11 23:00:58 (3 weeks ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2026-04-11 23:00:58 (3 weeks ago)

Common Places:

%profile%\onedrive\문서
%profile%\onedrive\documents
%sysdrive%\filehistory\jineo\desktop-eok\data\c\users\jineo\onedrive\documents
%profile%\onedrive\문서
%profile%\onedrive\문서
%mydoc%

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0004c150

PE Sections:

Name Size of data MD5
.text 321024 d8fe9a90f816168362364bd96956ee23
.rdata 73728 a0c5da69d8c676a8cb8e312fdb7d7799
.data 4608 1c0afb087196e054a585fd8078a217c5
.pdata 12800 cac14f53dad12f9758583c8c945be3d1
_RANDOMX 1536 d9024f8fd040694ff6e16174a3240aca
.rsrc 140288 678e032b8be255d029df07c50248711c
.reloc 1024 768e68514cfe2624b552f8785f2f9f76

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for Locker_native.exe
copyright for information about Locker_native.exe