How to remove UpdateAction_100_WINTTF.exe

UpdateAction_100_WINTTF.exe

The module UpdateAction_100_WINTTF.exe has been detected as Trojan.CoinMiner

UpdateAction_100_WINTTF.exe
Product Name:

한컴오피스 글꼴 업데이트

Company Name:

MD5: 7907372bf23d383cd11ccd79fa5661bc
Size: 12 MB
First Published: 2020-03-31 08:43:23 (4 years ago)
Latest Published: 2024-10-20 23:01:06 (2 months ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2024-10-20 23:01:06 (2 months ago)
Signed By: HANCOM. INC,
Status: Valid
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
100.0%
Windows 10 100.0%
Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000113bc

PE Sections:

Name Size of data MD5
.text 61952 3a126e478661f20816f9d9285615f98e
.itext 3072 ba48b9b17b3dd8b92da3bd93f20ddb34
.data 3584 d7fd5f4b562d7961758f3d6a8c834fd0
.bss 0 00000000000000000000000000000000
.idata 3584 93d91a2b90e60bd758fc0c4908856ae1
.tls 0 00000000000000000000000000000000
.rdata 512 3dffc444ccc131c9dcee18db49ee6403
.rsrc 82432 0c7b84da45153faa88c0886b2d2049a3

More information:

Download GridinSoft Anti-Malware - Removal tool for UpdateAction_100_WINTTF.exe