How to remove autoit3_x64.exe
- File Details
- Overview
- Analysis
autoit3_x64.exe
The module autoit3_x64.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
de43b312c11513b6975b9940d06d303b |
| Size: |
1 MB |
| First Published: |
2017-12-23 14:06:54 (6 years ago) |
| Latest Published: |
2023-05-04 23:12:36 (a year ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2023-05-04 23:12:36 (a year ago) |
Overview
| %sysdrive%\newcpuspeed\newcpuspeedcheck\workers |
| %sysdrive%\newcpuspeed\workers |
| %sysdrive%\newcpuspeedcheck\newcpuspeedcheck\workers |
| %sysdrive%\newcpuspeedcheck\workers |
| %programfiles% |
| %sysdrive%\notifications\newcpuspeedcheck\workers |
| %sysdrive%\dcim\newcpuspeedcheck\workers |
| %sysdrive%\.cocodata\newcpuspeedcheck\workers |
| %sysdrive%\musica\newcpuspeedcheck\workers |
| %sysdrive%\.androidck\newcpuspeedcheck\workers |
| cpuchecker.exe |
| autoit3_x64.exe |
| AutoIt3.exe |
| AU3381.exe |
| AutoIt3_x64.exe |
|
59.9% |
|
|
11.1% |
|
|
4.3% |
|
|
4.3% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.5% |
|
|
1.5% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
0.9% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
| Windows 10 |
43.3% |
|
| Windows 7 |
34.7% |
|
| Windows 8.1 |
19.9% |
|
| Windows Embedded 8.1 |
1.2% |
|
| Windows XP |
0.6% |
|
| Windows Vista |
0.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x0002fe64 |
| Name |
Size of data |
MD5 |
| .text |
692736 |
c83c688ee0d637f898ed87391bbdf5dc |
| .rdata |
195584 |
f8378ea08dde71401c6a47874a977f72 |
| .data |
24064 |
0854738a2fd15c1f4a6d5c121979b421 |
| .pdata |
27136 |
18bdefe792584ce898b031515ffff6b4 |
| .rsrc |
108544 |
0ad0bf19bad81bc774c0031e03e0702f |
| .reloc |
3072 |
a09769711fc058127866bcb206d75d0f |
