How to remove images.scr
images.scr
The module images.scr has been detected as Trojan.CoinMiner
File Details
| Product Name: | Images folder (x86-x64) |
| Company Name: | |
| MD5: | 4a381b917881e47e201ca6cbe40b93c4 |
| Size: | 4 MB |
| First Published: | 2017-05-26 03:10:40 (8 years ago) |
| Latest Published: | 2023-12-16 23:36:44 (2 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2023-12-16 23:36:44 (2 years ago) |
Common Places:
| %appdata%\images |
| %appdata% |
| %sysdrive% |
| %temp% |
| %sysdrive%\$recycle.bin |
| %desktop% |
| %sysdrive% |
| %sysdrive% |
| %appdata% |
| %appdata% |
File Names:
| image.exe |
| images.scr |
| $R3O1WJR.scr |
| $RHSILYP.scr |
| $RSURLTT.scr |
| $RGW9I95.scr |
| image.exe.dat |
Geography:
| 43.4% | ||
| 24.2% | ||
| 4.9% | ||
| 4.1% | ||
| 3.3% | ||
| 2.9% | ||
| 2.5% | ||
| 2.5% | ||
| 2.5% | ||
| 2.5% | ||
| 2.0% | ||
| 1.6% | ||
| 1.2% | ||
| 1.2% | ||
| 0.8% | ||
| 0.4% |
OS Version:
| Windows 7 | 64.1% | |
| Windows 10 | 15.3% | |
| Windows 8 | 10.1% | |
| Windows 8.1 | 8.5% | |
| Windows Vista | 0.8% | |
| Windows MultiPoint Server 2011 | 0.8% | |
| Windows Server 2012 R2 | 0.4% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000030fa |
PE Sections:
| Name | Size of data | MD5 |
| .text | 24064 | 856b32eb77dfd6fb67f21d6543272da5 |
| .rdata | 5120 | dc77f8a1e6985a4361c55642680ddb4f |
| .data | 1024 | 7922d4ce117d7d5b3ac2cffe4b0b5e4f |
| .ndata | 0 | 00000000000000000000000000000000 |
| .rsrc | 56320 | e11f7d72f9917a6708750856899916bf |
More information:
Download GridinSoft
Anti-Malware - Removal tool for images.scr
