How to remove Ysura.exe

» File
File Details
Overview
Analysis

Ysura.exe

The module Ysura.exe has been detected as Trojan.CoinMiner

Ysura.exe

Remove Ysura.exe

File Details

Main Info:

Product Name:	中华PDF阅读器
Company Name:	中华PDF阅读器
MD5:	b0f1b3b99b719a8d01420ef4ede36f5f
Size:	1 MB
First Published:	2020-07-21 22:21:15 (3 years ago)
Latest Published:	2020-07-21 22:30:53 (3 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2020-07-21 22:30:53 (3 years ago)

Overview

Digital Signature

Signed By:	北京华网智讯信息有限公司
Status:	Valid

Common Places:

%programfiles%

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000224b1

PE Sections:

Name	Size of data	MD5
.text	611328	687f05af9f22e65f6a7a7787f588a7b1
.rdata	134144	a3e54daf3f3ea74cbab290d4d3b25c4d
.data	6144	d3ef1285f1f94be6c3900479b0cd058a
.gfids	512	281ea278d310a47d0ff56fb11f5e270d
.tls	512	1f354d76203061bfdd5a53dae48d5435
.rsrc	435200	8729058b28c0cfc39bf0c9758ce6f29d

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for Ysura.exe

copyright for information about Ysura.exe