How to remove debug.exe

debug.exe

The module debug.exe has been detected as Trojan.CoinMiner

debug.exe
Product Name:

NSSM 64-bit

Company Name:

Iain Patterson

MD5: 1e706b1e8d3bd3764e3ee4bf5fe509d8
Size: 345 KB
First Published: 2017-09-30 07:02:47 (7 years ago)
Latest Published: 2021-03-04 04:38:58 (3 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2021-03-04 04:38:58 (3 years ago)
%sysdrive%\windows
%windir%\debug
%windir%\logs\logsfiles64
%windir%\secyritii64
%commonappdata%
%system%
%windir%
%sysdrive%\$recycle.bin\s-1-5-21-1670256533-2662537330-1115340039-500
%sysdrive%
%programfiles%\mysqlkingtool
WinSvchost.exe
debug.exe
nssm.exe
winsvchost.exe
svchost.exe
svchost.exe.quarantined
mysql-nt.exe
1sass.exe
445dll.exe
taskhost.exe
62.0%
17.9%
3.5%
2.7%
2.4%
1.6%
1.4%
1.4%
1.4%
1.4%
1.1%
1.1%
0.5%
0.5%
0.5%
0.3%
0.3%
Windows Server 2008 R2 56.8%
Windows 7 25.3%
Windows Server 2012 R2 10.9%
Windows Server 2012 4.3%
Windows 10 1.4%
Windows 8.1 0.5%
Windows Server 2016 0.5%
Windows Web Server 2008 R2 0.3%
Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0001b9b0

PE Sections:

Name Size of data MD5
.text 144384 2565872698a60f8c25c6ff4e68066c85
.rdata 31232 06a27cf51bc80f1a474b60cc7c384652
.data 7680 ddca383eee9dc3b16d7032106dd9656e
.pdata 7168 aa7f2a99869759897b445353eb04fe90
.rsrc 162304 c8a18618428fdc3b620e204edbb16c14

More information:

Download GridinSoft Anti-Malware - Removal tool for debug.exe