How to remove ShKernel.exe
- File Details
- Overview
- Analysis
ShKernel.exe
The module ShKernel.exe has been detected as SuspCPUMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
3ef43010f17b29798079d0c6e1eba0fb |
| Size: |
9 MB |
| First Published: |
2018-12-18 19:11:56 (6 years ago) |
| Latest Published: |
2019-04-27 10:18:30 (5 years ago) |
| Status: |
SuspCPUMiner (on last analysis) |
|
| Analysis Date: |
2019-04-27 10:18:30 (5 years ago) |
Overview
| %programfiles%\enigmasoft |
| %programfiles%\enigmasoft |
| %programfiles%\enigmasoft |
| %programfiles%\enigmasoft |
| %programfiles%\enigmasoft |
| %programfiles%\enigmasoft |
| %programfiles%\enigmasoft |
|
42.9% |
|
|
14.3% |
|
|
14.3% |
|
|
14.3% |
|
|
14.3% |
|
| Windows 7 |
57.1% |
|
| Windows 10 |
42.9% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x0035bbd8 |
| Name |
Size of data |
MD5 |
| .text |
6998016 |
285282d00d9a2e84c4a300e17353dcdb |
| .rdata |
2144256 |
4c88c1f655b1d12042742c368b1176e8 |
| .data |
418304 |
daeb2724e6782d88dc6669874e000527 |
| .pdata |
368128 |
7bebb51306c37ccf7af6e01bf467b83b |
| .gfids |
3584 |
a471819cd3caf6350171f55f3916fec7 |
| .tls |
512 |
1f354d76203061bfdd5a53dae48d5435 |
| .rsrc |
76800 |
4817ec9cfb3e5576c1cc936ab8ac1d0a |
| .reloc |
48640 |
6a2c366a7463b9f006b2e1502d9adb88 |
