How to remove explorer32.exe

» File
File Details
Overview
Analysis

explorer32.exe

The module explorer32.exe has been detected as Trojan.CoinMiner

Remove explorer32.exe

File Details

Main Info:

MD5:	3afeb8e9af02a33ff71bf2f6751cae3a
Size:	1 MB
First Published:	2017-05-21 03:01:57 (8 years ago)
Latest Published:	2024-10-31 23:01:42 (a year ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2024-10-31 23:01:42 (a year ago)

Common Places:

%appdata%\nscpucnminer

%appdata%\nsminer

%appdata%\images

%appdata%\cnminer

%localappdata%\temp

%commonappdata%\kerish products\kerish doctor\backup\startupdisabled\18-m32.exe

%temp%\m32.exe

%profile%\дминистратор\application data\nscpucnminer

%system%\config\systemprofile\appdata\roaming\nscpucnminer

%sysdrive%\temp

File Names:

NsCpuCNMiner32.exe

explorer32.exe

trzE703.tmp

trz427.tmp

trzA8A.tmp

trzC9D.tmp

$RJXB3GE.exe

$RKWEGUO.exe

$RVABD34.exe

$RA7AHXE.exe

$RQO9Z4E.exe

trz78E9.tmp

trz368C.tmp

trz76DC.tmp

trz98A6.tmp

trz91B3.tmp

trzA813.tmp

trz9DD4.tmp

trz9992.tmp

trzA796.tmp

trzA69A.tmp

$RZYB0P7.exe

instsh_x86.exe

Geography:

	36.0%
	19.5%
	5.7%
	4.0%
	3.6%
	3.3%
	3.3%
	2.5%
	1.9%
	1.8%
	1.5%
	1.5%
	1.3%
	1.2%
	1.1%
	1.0%
	0.6%
	0.6%
	0.6%
	0.6%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	62.4%
Windows 10	11.5%
Windows XP	6.0%
Windows 8.1	5.5%
Windows Server 2012 R2	4.2%
Windows Server 2003	3.7%
Windows 8	3.2%
Windows Server 2008 R2	2.5%
Windows Vista	0.6%
Windows Server 2012	0.2%
Windows MultiPoint Server 2011	0.1%
Windows Embedded 8.1	0.1%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0024f455

PE Sections:

Name	Size of data	MD5
.text	0	00000000000000000000000000000000
.rdata	0	00000000000000000000000000000000
.data	0	00000000000000000000000000000000
.tls	512	bf619eac0cdf3f68d496ea9344137e8b
.vmp0	0	00000000000000000000000000000000
.vmp1	1430528	9aba7267658e1a6c1d2226393624d5d5
.reloc	512	5eebc6a8d4e8052230a730510e7f3ed7
.rsrc	1024	459abb11772f115c47c1a2afc27e2802

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for explorer32.exe

copyright for information about explorer32.exe