How to remove ethdcrminer64.exe

ethdcrminer64.exe

The module ethdcrminer64.exe has been detected as Risk.CoinMiner

ethdcrminer64.exe
Remove ethdcrminer64.exe

File Details

MD5: f58cb565e6014a863f24bb401437ec4a
Size: 3 MB
First Published: 2019-09-19 16:23:43 (4 years ago)
Latest Published: 2024-04-16 23:07:09 (2 weeks ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2024-04-16 23:07:09 (2 weeks ago)

Common Places:

%localappdata%\programs\nicehash miner\miner_plugins\claymoredual\bins
%appdata%\kryptex\miners
%desktop%
%localappdata%\programs\nicehash miner\miner_plugins\claymoredual\bins
%localappdata%\programs\nicehash miner\miner_plugins\70984aa0-7236-11e9-b20c-f9f12eb6d835\bins
%localappdata%\programs\nicehash miner\miner_plugins\70984aa0-7236-11e9-b20c-f9f12eb6d835\bins
%sysdrive%\minergate
%sysdrive%\nhm_windows_1.9.2.19\miner_plugins\70984aa0-7236-11e9-b20c-f9f12eb6d835\bins
%profile%\downloads\claymore's dual ethereum amd+nvidia gpu miner v15.0.zip
%appdata%

Geography:

17.9%
15.9%
7.9%
5.3%
4.6%
4.0%
4.0%
4.0%
3.3%
3.3%
3.3%
2.6%
2.6%
2.0%
2.0%
2.0%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%

OS Version:

Windows 10 92.9%
Windows 7 6.4%
Windows 8.1 0.6%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00ad7861

PE Sections:

Name Size of data MD5
.text 0 00000000000000000000000000000000
.rdata 0 00000000000000000000000000000000
.data 0 00000000000000000000000000000000
.pdata 0 00000000000000000000000000000000
.nv_fatb 0 00000000000000000000000000000000
.nvFatBi 0 00000000000000000000000000000000
.vmp0 0 00000000000000000000000000000000
.vmp1 3964928 bb68e2a4ae4eb051f6642ed617b282bf
.reloc 512 a86f7e36d53e94f0490a4eae6b1a9eec
.rsrc 1024 5608c2c2f84a5db4907ba95b0758fdd7

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for ethdcrminer64.exe
copyright for information about ethdcrminer64.exe