How to remove WMI Providers.exe

» File
File Details
Overview
Analysis

WMI Providers.exe

The module WMI Providers.exe has been detected as Trojan.CoinMiner

WMI Providers.exe

Remove WMI Providers.exe

File Details

Main Info:

Product Name:	WMI Providers
MD5:	65f1c87f4fad5a104084ce9216b1356c
Size:	196 KB
First Published:	2017-07-06 11:11:38 (7 years ago)
Latest Published:	2019-11-20 09:09:40 (5 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2019-11-20 09:09:40 (5 years ago)

Common Places:

%programfiles%\wmiprovider

%programfiles%

%programfiles%

Geography:

100.0%

OS Version:

Windows 7

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00003d4e

.NET Info:

MVID:	f03828c9-621c-4788-aa72-80906b73cdf3
Typelib ID:	5210d2b7-2e0c-4cf8-917a-ae72c2bda5cf

PE Sections:

Name	Size of data	MD5
.text	7680	50d3dc959c6c798edc516f577c082d7f
.rsrc	192512	bc821846c6c267b27c8f87d84884f311
.reloc	512	1294bb6d2483346bdc4f42e3da78ad92

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for WMI Providers.exe

copyright for information about WMI Providers.exe