How to remove gmstcccpdzbb.exe

gmstcccpdzbb.exe

The module gmstcccpdzbb.exe has been detected as Trojan.CoinMiner

gmstcccpdzbb.exe
Remove gmstcccpdzbb.exe

File Details

Product Name:

Telegram FZ-LLC
Company Name:

Telegram Desktop
MD5: 58c1760fa089ddd38831714660475604
Size: 2 MB
First Published: 2025-05-19 23:01:06 (8 months ago)
Latest Published: 2025-05-19 23:01:06 (8 months ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2025-05-19 23:01:06 (8 months ago)

Overview

Signed By: Telegram FZ-LLC
Status: Invalid (digital signature could be stolen or file could be patched)

Common Places:

%commonappdata%

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00001140

PE Sections:

Name Size of data MD5
.text 36864 224a4532fa74ab6d4f2a3c867c133e31
.rdata 8704 aa62a7134d3c518c9a83c098a2bf012c
.data 2623488 68abb23c2ddb57b7e72c7d564408a034
.pdata 512 d0a91258fe7258f5f0625fd9d0f25d8c
.00cfg 512 b18c7380298e104adf73576fa46bccc1
.tls 512 bf619eac0cdf3f68d496ea9344137e8b
.rsrc 1024 ce0927e6cbbeaaa7eacb9adac8212f9d
.reloc 512 0b376c73154192d0f3d9720ddc593b24

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for gmstcccpdzbb.exe
copyright for information about gmstcccpdzbb.exe