How to remove conhost.exe

» File
File Details
Overview
Analysis

conhost.exe

The module conhost.exe has been detected as Trojan.CoinMiner

conhost.exe

Remove conhost.exe

File Details

Main Info:

Product Name:	Microsoft Windows Operating System
Company Name:	Microsoft
MD5:	8eaac8aedc39164c68c7c499e29925a7
Size:	6 MB
First Published:	2020-06-28 09:19:33 (4 years ago)
Latest Published:	2021-02-07 04:29:44 (4 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2021-02-07 04:29:44 (4 years ago)

Common Places:

%windir%

%windir%

%windir%

%windir%

%windir%

%windir%

%windir%

%windir%

%windir%

%windir%

Geography:

	66.7%
	20.0%
	6.7%
	6.7%

OS Version:

Windows 7	93.3%
Windows Server 2008 R2	6.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00060333

PE Sections:

Name	Size of data	MD5
.text	520192	5eb23a8e339a7e78ebbeb3f983d2645f
.rdata	6692864	fd6045d32619ca997e8d88e006a96d96
.data	73728	3f7e4e47728ec37fd0c8740ed4dccfb7
.rsrc	45056	f63b366aa361ccf9a66c770f2e15233f

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for conhost.exe

copyright for information about conhost.exe