How to remove explorer32.exe
- File Details
- Overview
- Analysis
explorer32.exe
The module explorer32.exe has been detected as Trojan.CoinMiner
File Details
| MD5: |
3afeb8e9af02a33ff71bf2f6751cae3a |
| Size: |
1 MB |
| First Published: |
2017-05-21 03:01:57 (6 years ago) |
| Latest Published: |
2024-03-08 23:24:39 (a month ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2024-03-08 23:24:39 (a month ago) |
| %appdata%\nscpucnminer |
| %appdata%\nsminer |
| %appdata%\images |
| %appdata%\cnminer |
| %localappdata%\temp |
| %commonappdata%\kerish products\kerish doctor\backup\startupdisabled\18-m32.exe |
| %temp%\m32.exe |
| %profile%\дминистратор\application data\nscpucnminer |
| %system%\config\systemprofile\appdata\roaming\nscpucnminer |
| %sysdrive%\temp |
| NsCpuCNMiner32.exe |
| explorer32.exe |
| trzE703.tmp |
| trz427.tmp |
| trzA8A.tmp |
| trzC9D.tmp |
| $RJXB3GE.exe |
| $RKWEGUO.exe |
| $RVABD34.exe |
| $RA7AHXE.exe |
| $RQO9Z4E.exe |
| trz78E9.tmp |
| trz368C.tmp |
| trz76DC.tmp |
| trz98A6.tmp |
| trz91B3.tmp |
| trzA813.tmp |
| trz9DD4.tmp |
| trz9992.tmp |
| trzA796.tmp |
| trzA69A.tmp |
| $RZYB0P7.exe |
| instsh_x86.exe |
|
36.1% |
|
|
19.6% |
|
|
5.7% |
|
|
4.0% |
|
|
3.6% |
|
|
3.3% |
|
|
3.3% |
|
|
2.5% |
|
|
1.9% |
|
|
1.8% |
|
|
1.5% |
|
|
1.5% |
|
|
1.2% |
|
|
1.1% |
|
|
1.1% |
|
|
1.0% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 7 |
62.3% |
|
| Windows 10 |
11.6% |
|
| Windows XP |
6.0% |
|
| Windows 8.1 |
5.6% |
|
| Windows Server 2012 R2 |
4.3% |
|
| Windows Server 2003 |
3.7% |
|
| Windows 8 |
3.2% |
|
| Windows Server 2008 R2 |
2.5% |
|
| Windows Vista |
0.6% |
|
| Windows Server 2012 |
0.2% |
|
| Windows MultiPoint Server 2011 |
0.1% |
|
| Windows Embedded 8.1 |
0.1% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0024f455 |
| Name |
Size of data |
MD5 |
| .text |
0 |
00000000000000000000000000000000 |
| .rdata |
0 |
00000000000000000000000000000000 |
| .data |
0 |
00000000000000000000000000000000 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .vmp0 |
0 |
00000000000000000000000000000000 |
| .vmp1 |
1430528 |
9aba7267658e1a6c1d2226393624d5d5 |
| .reloc |
512 |
5eebc6a8d4e8052230a730510e7f3ed7 |
| .rsrc |
1024 |
459abb11772f115c47c1a2afc27e2802 |
