How to remove gEF6E.tmp.exe
- File Details
- Overview
- Analysis
gEF6E.tmp.exe
The module gEF6E.tmp.exe has been detected as Trojan.CoinMiner
File Details
| MD5: |
70bfff8e6d2bb4d918f08ea4d4642e0c |
| Size: |
465 KB |
| First Published: |
2017-05-21 03:01:53 (6 years ago) |
| Latest Published: |
2017-05-25 09:03:29 (6 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2017-05-25 09:03:29 (6 years ago) |
| %windir%\temp |
| %sysdrive%\temp |
| %sysdrive%\_temp |
| gE512.tmp.exe |
| gEF6E.tmp.exe |
| gBEDC.tmp.exe |
| g8416.tmp.exe |
| gFF84.tmp.exe |
| gC65C.tmp.exe |
| g4EF5.tmp.exe |
| g67D3.tmp.exe |
| g8852.tmp.exe |
| g6E0F.tmp.exe |
| g421A.tmp.exe |
| g1E7A.tmp.exe |
| g5ADD.tmp.exe |
| g8B3E.tmp.exe |
| gB2CB.tmp.exe |
| g646D.tmp.exe |
| g63C4.tmp.exe |
| g5FB.tmp.exe |
| gF033.tmp.exe |
| g9F09.tmp.exe |
| gC0CF.tmp.exe |
| gDB12.tmp.exe |
| g9F59.tmp.exe |
| g2C76.tmp.exe |
| g559F.tmp.exe |
| gCDC0.tmp.exe |
| g5DBB.tmp.exe |
| g742C.tmp.exe |
| g810A.tmp.exe |
| gCCFE.tmp.exe |
| g656.tmp.exe |
| g2C8D.tmp.exe |
| g3089.tmp.exe |
| gC00D.tmp.exe |
| gBBD1.tmp.exe |
| g3B30.tmp.exe |
| gEB4A.tmp.exe |
|
34.2% |
|
|
13.2% |
|
|
13.2% |
|
|
7.9% |
|
|
5.3% |
|
|
5.3% |
|
|
2.6% |
|
|
2.6% |
|
|
2.6% |
|
|
2.6% |
|
|
2.6% |
|
|
2.6% |
|
|
2.6% |
|
|
2.6% |
|
| Windows 7 |
55.3% |
|
| Windows 10 |
42.1% |
|
| Windows 8 |
2.6% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00020d5c |
| Name |
Size of data |
MD5 |
| .text |
330240 |
2da7c9d399de57b0981d3f5c3966c165 |
| .rdata |
111104 |
d6897e8802bfaff7a324326ade88571a |
| .data |
10240 |
945b5dfd22e40ad7374e7319d2209488 |
| .pdata |
18944 |
3893c2ea1b48b68568dcf66fd2f101e1 |
| .tls |
512 |
1f354d76203061bfdd5a53dae48d5435 |
| .rsrc |
512 |
0c0fc143cd60ee7c7df2406d6f377b37 |
| .reloc |
3584 |
604ac549e87d302e7cb39a1fdfa8c860 |
