How to remove kvas.exe

kvas.exe

The module kvas.exe has been detected as Risk.CoinMiner

kvas.exe
Remove kvas.exe

File Details

Product Name:

XMRig
Company Name:

www.xmrig.com
MD5: b14bd0529d0963336feb2b76102fe666
Size: 569 KB
First Published: 2017-07-25 09:26:14 (7 years ago)
Latest Published: 2020-06-03 06:27:18 (4 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2020-06-03 06:27:18 (4 years ago)

Common Places:

%appdata%\msvc
%appdata%\nvidia
%appdata%\filosof
%appdata%\ie1servise
%appdata%\audiohdriver
%appdata%\testservice
%appdata%\nakavala
%appdata%\sasha
%appdata%\malia
%appdata%\valit

File Names:

MSVC.exe
kvas.exe
AudioHD.exe
zabor.exe
zake.exe
lux.exe
svchost.exe
BITFCC7.tmp
works.exe
windows.exe
windows.exe.quarantined
moloko.exe
BIT101B.tmp

Geography:

12.8%
11.7%
9.6%
8.5%
7.4%
6.4%
6.4%
5.3%
4.3%
3.2%
3.2%
2.1%
2.1%
2.1%
2.1%
2.1%
2.1%
2.1%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%

OS Version:

Windows 7 40.0%
Windows 10 38.9%
Windows 8 8.4%
Windows Server 2008 R2 7.4%
Windows 8.1 5.3%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000400000
Entry Address: 0x00001500

PE Sections:

Name Size of data MD5
.text 459776 e969f61c381e861e0d3e3958dc34db80
.data 1536 db88df27cb4bc3d24cd1d0d54c64799a
.rdata 57856 4f9c0d96bb30e2a17d88fbaed57dd84c
.pdata 16896 011c67b13fb7190b11b65a53f6e54be4
.xdata 15872 6c79811365fb236101d3101107080f92
.bss 0 00000000000000000000000000000000
.idata 11776 2ee7db77fd7a8d3c46b7b7d605c240f6
.CRT 512 f63e0ea690e3a48cdb41baef96d09f85
.tls 512 9d3daa3d25b03a655b513793f0413e4a
.rsrc 17360 b4c2224cb56bdcdc6b7006b38af9b44c

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for kvas.exe
copyright for information about kvas.exe