How to remove msinfo.exe
msinfo.exe
The module msinfo.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | Microl office |
| Company Name: | Microl office |
| MD5: | cbefa20de88b10729e215ae1789c29a1 |
| Size: | 6 MB |
| First Published: | 2020-12-23 18:47:19 (3 years ago) |
| Latest Published: | 2021-01-12 22:03:23 (3 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2021-01-12 22:03:23 (3 years ago) |
Common Places:
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
| %windir% |
Geography:
| 45.5% | ||
| 27.3% | ||
| 18.2% | ||
| 9.1% |
OS Version:
| Windows Server 2008 R2 | 45.5% | |
| Windows Server 2012 R2 | 27.3% | |
| Windows Server 2003 | 18.2% | |
| Windows Server 2012 | 9.1% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00a73ea9 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .rdata | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .data | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .qq0 | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .qq1 | 6934016 | 1ade4ec49ef217bbdbf41f0011d17066 |
| .reloc | 1536 | 9bc93959c6c24815dd69a7c767cb346b |
| .rsrc | 1536 | a3ff5f4a62dd1c9768ff07f52e3fa7c9 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for msinfo.exe
