How to remove Microsoft.exe
- File Details
- Overview
- Analysis
Microsoft.exe
The module Microsoft.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
95cab1b04dabd7f7636efa66381f5858 |
| Size: |
5 MB |
| First Published: |
2019-12-01 06:04:31 (5 years ago) |
| Latest Published: |
2023-04-30 23:57:23 (2 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2023-04-30 23:57:23 (2 years ago) |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
|
18.2% |
|
|
16.2% |
|
|
15.2% |
|
|
12.1% |
|
|
10.1% |
|
|
5.1% |
|
|
4.0% |
|
|
4.0% |
|
|
4.0% |
|
|
3.0% |
|
|
2.0% |
|
|
2.0% |
|
|
2.0% |
|
|
1.0% |
|
|
1.0% |
|
| Windows 10 |
94.2% |
|
| Windows 7 |
3.9% |
|
| Windows 8.1 |
1.9% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000000400000 |
| Entry Address: |
0x000014a0 |
| Name |
Size of data |
MD5 |
| .text |
4657152 |
597c8b13321d54f59ede59419e31f7e9 |
| .data |
36352 |
0d22aaa4d0827019ec5d86e8921b72ca |
| .rdata |
723968 |
a7082ea91c3015ba9211510dde373c23 |
| .pdata |
161792 |
c460b1b338e75578a8e62d70e9f63be0 |
| .xdata |
184320 |
625f4bfbb18fdeee51124e99de148d98 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
17408 |
ab475b44528074f9215376cb52c98877 |
| .CRT |
512 |
55b0f9f88c605ba2a07380313c7bcd81 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
70144 |
64a13a5009c37892d61cfa43f88bb3c0 |
