How to remove gw64-core2.exe
gw64-core2.exe
The module gw64-core2.exe has been detected as Trojan.CoinMiner
File Details
| MD5: | d2a4d1247752fb186841ff4c2985341b |
| Size: | 1 MB |
| First Published: | 2017-05-21 04:03:18 (8 years ago) |
| Latest Published: | 2025-09-28 23:01:21 (a month ago) |
| Status: | Trojan.CoinMiner (on last analysis) |
| Analysis Date: | 2025-09-28 23:01:21 (a month ago) |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\63wktr3i |
| %appdata%\isminer |
| %localappdata%\microsoft\windows\inetcache\ie\s2yyy9sc |
| %localappdata%\microsoft\windows\inetcache\ie\xps6legv |
| %localappdata%\microsoft\windows\inetcache\ie\6t9omhvx |
| %localappdata%\microsoft\windows\inetcache\ie\vap0wrij |
| %localappdata%\microsoft\windows\inetcache\ie\y5ul59vj |
| %sysdrive%\quarantine_mzk\folders\201705094531730\isminer. 4.54.34.10 |
| %localappdata%\microsoft\windows\inetcache\ie\vb0ws7fi |
| %sysdrive%\adwcleaner\quarantine\files\zortwmaugpgymabifiufgtqifpygsshg |
| gw64-core2[1].exe |
| gw64-core2.exe |
| cpuminer-gw64-core2.exe |
| gw64-core2.exe.quarantined |
| $REO1XMY.exe |
| sprotect-core2.exe |
| $RK8KNZO.exe |
| $RB77PDV.exe |
| webproxy.exe |
| Core2.exe |
| _iocache_.dat |
| wmipvrse.exe |
| core2.exe |
| Windows 10 | 50.6% |
| Windows 7 | 36.8% |
| Windows 8.1 | 10.1% |
| Windows 8 | 1.4% |
| Windows XP | 0.4% |
| Windows Embedded 8.1 | 0.3% |
| Windows Server 2008 R2 | 0.1% |
| Windows Vista | 0.1% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000400000 |
| Entry Address: | 0x003ab4b0 |
| Name | Size of data | MD5 |
| --- | --- | --- |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 1427456 | 7e8c35e821c22cb4f9d867c1f511e4fc |
| .rsrc | 31232 | 1b881030ca6fdfdba4da16e7b5bef9d0 |