How to remove ddb64.dll
ddb64.dll
The module ddb64.dll has been detected as Risk.CoinMiner
File Details
| Product Name: | XMRig |
| Company Name: | www.xmrig.com |
| MD5: | 083d10ae6d7d1cc34ad4d70967b7d852 |
| Size: | 21 MB |
| First Published: | 2020-10-20 17:10:06 (5 years ago) |
| Latest Published: | 2022-07-17 23:46:59 (3 years ago) |
| Status: | Risk.CoinMiner (on last analysis) | |
| Analysis Date: | 2022-07-17 23:46:59 (3 years ago) |
Common Places:
| %appdata%\wincfg |
| %appdata%\wincfg |
| %appdata%\wincfg |
| %appdata%\wincfg |
| %appdata%\wincfg |
| %sysdrive%\windows.old\users\pc\appdata\roaming\wincfg |
Geography:
| 33.3% | ||
| 33.3% | ||
| 16.7% | ||
| 16.7% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000180000000 |
| Entry Address: | 0x00047900 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 580608 | 65e00bbab2be78024ec24977ddd5b1a8 |
| .rdata | 272384 | 94551e9ac0dfda76a22e67174b63c8db |
| .data | 11776 | cc86075000038ab6583a31f89f1d5a37 |
| .pdata | 27648 | 004b738af22e66e3779299cd14cc2040 |
| .nv_fatb | 21267968 | 81b09c6696c50e40ee9a372da530bbca |
| .nvFatBi | 512 | ebcf87cda9e73b18747d2a06c510dc32 |
| .tls | 512 | 1f354d76203061bfdd5a53dae48d5435 |
| .gfids | 2560 | d4a50598728d5cd49c477ca33057598f |
| .rsrc | 23040 | 7375a9358387ee0a829466ebad67e45b |
| .reloc | 6144 | 8dc799671753149fcb68e19447df614a |
More information:
Download GridinSoft
Anti-Malware - Removal tool for ddb64.dll
