How to remove excavator (2018_03_22 14_10_05 UTC).exe
- File Details
- Overview
- Analysis
excavator (2018_03_22 14_10_05 UTC).exe
The module excavator (2018_03_22 14_10_05 UTC).exe has been detected as Risk.CoinMiner
File Details
| MD5: |
baf51d6f9ec2c36f483760ef414e6661 |
| Size: |
1 MB |
| First Published: |
2017-05-25 14:12:55 (7 years ago) |
| Latest Published: |
2023-07-05 23:05:17 (a year ago) |
| Status: |
Risk.CoinMiner (on last analysis) |
|
| Analysis Date: |
2023-07-05 23:05:17 (a year ago) |
Overview
| %appdata%\nhm2\bin\excavator |
| %profile%\downloads\mining\nicehashminer_v1.7.5.7\nicehashminer_v1.7.5.7\bin\excavator |
| %desktop%\nicehashminer_v1.7.5.12\bin\excavator |
| %profile%\downloads\nicehashminer_v1.7.5.12\bin\excavator |
| %profile%\downloads\nicehashminer_v1.7.5.13\nicehashminer_v1.7.5.13\bin\excavator |
| %sysdrive%\nicehash\nicehashminer_v1.7.5.13\bin\excavator |
| %desktop%\nicehashminer_v1.7.5.13\bin\excavator |
| %desktop%\nicehash miner_v1.7.5.13\nicehashminer_v1.7.5.13\bin\excavator |
| %profile%\downloads\programs\nicehashminer_v1.7.5.13\bin\excavator |
| %localappdata%\awesomeminer\excavator_v1.1.4a_win64_1 |
| excavator.exe |
| excavator (2018_03_22 14_10_05 UTC).exe |
|
24.0% |
|
|
12.1% |
|
|
11.3% |
|
|
6.8% |
|
|
5.7% |
|
|
4.0% |
|
|
3.2% |
|
|
3.0% |
|
|
3.0% |
|
|
2.1% |
|
|
1.7% |
|
|
1.7% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.1% |
|
|
1.1% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
| Windows 10 |
70.9% |
|
| Windows 7 |
22.1% |
|
| Windows 8.1 |
4.8% |
|
| Windows Server 2008 R2 |
1.5% |
|
| Windows 8 |
0.4% |
|
| Windows Server 2016 |
0.2% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00078d28 |
| Name |
Size of data |
MD5 |
| .text |
536576 |
cde18bcd4857299db13aa43ac46ffe75 |
| .rdata |
231424 |
9269cef62b979f6171866712f41fd6a7 |
| .data |
36864 |
5bde8ae393bd2a576dfb849d5bd92122 |
| .pdata |
35328 |
65c892a676e9a0c0bdab176d2397360e |
| .nv_fatb |
987648 |
ba20c4fd8765fb7d2b942f21154b2e75 |
| .nvFatBi |
512 |
f93e027e0c3645f67be55ee90492c375 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
512 |
e76e3faf2f7d597faec25bb768e73459 |
| .reloc |
5120 |
6b5454f944651dd4cff5d4968993027a |
