How to remove dax.exe
dax.exe
The module dax.exe has been detected as Risk.CoinMiner
File Details
| Product Name: | XMRig |
| Company Name: | www.xmrig.com |
| MD5: | 09ca8419e23b2d919e93e57f04239a28 |
| Size: | 695 KB |
| First Published: | 2017-08-23 18:07:38 (6 years ago) |
| Latest Published: | 2018-03-23 21:07:09 (6 years ago) |
| Status: | Risk.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-03-23 21:07:09 (6 years ago) |
Common Places:
| %appdata%\fuqelo |
| %appdata%\faqelo |
| %appdata%\sasha |
| %appdata%\ieserv |
| %appdata%\auto1feed |
| %sysdrive%\$recycle.bin\s-1-5-21-1378653223-3937578776-2282087843-1000\$rh09h7n |
| %appdata%\olesya |
| %appdata%\msvc |
| %windir% |
File Names:
| dux.exe |
| dax.exe |
| lux1ory.exe |
| xm32b.exe |
Geography:
| 23.8% | ||
| 14.3% | ||
| 9.5% | ||
| 9.5% | ||
| 9.5% | ||
| 4.8% | ||
| 4.8% | ||
| 4.8% | ||
| 4.8% | ||
| 4.8% | ||
| 4.8% | ||
| 4.8% |
OS Version:
| Windows 7 | 47.6% | |
| Windows 10 | 33.3% | |
| Windows 8 | 9.5% | |
| Windows 8.1 | 4.8% | |
| Windows Server 2012 R2 | 4.8% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00001500 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 543232 | c517cba97ffb64b6c50e0ee380615b57 |
| .data | 1024 | d9eac4feed64535cceb46eee74dc72b1 |
| .rdata | 54784 | e60e11c693154101d8ba643b75eea5e1 |
| .eh_fram | 83968 | 92511c3cae74d947129c86dd5d80abdd |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 9216 | 2b49da74fcbf027b7c65f5a4f3bbed6b |
| .CRT | 512 | e40c2d8d91fbe6021770a87eb388b251 |
| .tls | 512 | 24e248c3b64bbd0b1cfd44919aeed473 |
| .rsrc | 17344 | 95ceaa88bed8a13e410c04a6c3cf7947 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for dax.exe
