How to remove excavator.exe

excavator.exe

The module excavator.exe has been detected as Trojan.CoinMiner

excavator.exe
Remove excavator.exe

File Details

Product Name:

NiceHash Excavator
Company Name:

NICEHASH Ltd
MD5: 73088c348100b6374aa7f02d7a9b23c8
Size: 29 MB
First Published: 2024-08-05 23:02:31 (9 months ago)
Latest Published: 2025-04-27 23:01:09 (a month ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2025-04-27 23:01:09 (a month ago)

Overview

Signed By: H-Bit d.o.o.
Status: Valid

Common Places:

%localappdata%\programs\nicehash miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\bins\24.0
%localappdata%\programs\nicehash miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\bins\24.0
%localappdata%\programs\nicehash miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\bins\24.0

Geography:

66.7%
33.3%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x073699c8

PE Sections:

Name Size of data MD5
.text 0 d41d8cd98f00b204e9800998ecf8427e
.rdata 0 d41d8cd98f00b204e9800998ecf8427e
.data 0 d41d8cd98f00b204e9800998ecf8427e
.pdata 0 d41d8cd98f00b204e9800998ecf8427e
.nv_fatb 0 d41d8cd98f00b204e9800998ecf8427e
.nvFatBi 0 d41d8cd98f00b204e9800998ecf8427e
_RDATA 0 d41d8cd98f00b204e9800998ecf8427e
_RANDOMX 0 d41d8cd98f00b204e9800998ecf8427e
.{Yl 0 d41d8cd98f00b204e9800998ecf8427e
.|'* 17408 467c1d333d4d909b83e050aff14423b9
.Lmy 30953472 2403b25d40265c533ad81783ffba2222
.reloc 512 339c59b2a3136f33955f75692773c820
.rsrc 286720 f950bc27dbd682c63cbcb4988ac6b770

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for excavator.exe
copyright for information about excavator.exe