How to remove dax.exe
dax.exe
The module dax.exe has been detected as Risk.CoinMiner
File Details
Product Name: | XMRig |
Company Name: | www.xmrig.com |
MD5: | 09ca8419e23b2d919e93e57f04239a28 |
Size: | 695 KB |
First Published: | 2017-08-23 18:07:38 (6 years ago) |
Latest Published: | 2018-03-23 21:07:09 (6 years ago) |
Status: | Risk.CoinMiner (on last analysis) | |
Analysis Date: | 2018-03-23 21:07:09 (6 years ago) |
Common Places:
%appdata%\fuqelo |
%appdata%\faqelo |
%appdata%\sasha |
%appdata%\ieserv |
%appdata%\auto1feed |
%sysdrive%\$recycle.bin\s-1-5-21-1378653223-3937578776-2282087843-1000\$rh09h7n |
%appdata%\olesya |
%appdata%\msvc |
%windir% |
File Names:
dux.exe |
dax.exe |
lux1ory.exe |
xm32b.exe |
Geography:
23.8% | ||
14.3% | ||
9.5% | ||
9.5% | ||
9.5% | ||
4.8% | ||
4.8% | ||
4.8% | ||
4.8% | ||
4.8% | ||
4.8% | ||
4.8% |
OS Version:
Windows 7 | 47.6% | |
Windows 10 | 33.3% | |
Windows 8 | 9.5% | |
Windows 8.1 | 4.8% | |
Windows Server 2012 R2 | 4.8% |
Analysis
Subsystem: | Windows CUI |
PE Type: | pe |
OS Bitness: | 32 |
Image Base: | 0x00400000 |
Entry Address: | 0x00001500 |
PE Sections:
Name | Size of data | MD5 |
.text | 543232 | c517cba97ffb64b6c50e0ee380615b57 |
.data | 1024 | d9eac4feed64535cceb46eee74dc72b1 |
.rdata | 54784 | e60e11c693154101d8ba643b75eea5e1 |
.eh_fram | 83968 | 92511c3cae74d947129c86dd5d80abdd |
.bss | 0 | 00000000000000000000000000000000 |
.idata | 9216 | 2b49da74fcbf027b7c65f5a4f3bbed6b |
.CRT | 512 | e40c2d8d91fbe6021770a87eb388b251 |
.tls | 512 | 24e248c3b64bbd0b1cfd44919aeed473 |
.rsrc | 17344 | 95ceaa88bed8a13e410c04a6c3cf7947 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for dax.exe