How to remove processys.exe
processys.exe
The module processys.exe has been detected as Risk.CoinMiner
File Details
Product Name:
Company Name:
MD5: f81109e0792e7a24666255981ac36a47
Size: 8 MB
First Published: 2018-06-19 13:08:33 (6 years ago)
Latest Published: 2018-10-08 16:15:10 (6 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2018-10-08 16:15:10 (6 years ago)
%localappdata%\windows\system\intel(r) common user interface\5.11.10.4129\local\modified\@appdata@\microsoftwordvision
Windows 10: 80.0%
Windows 7: 20.0%
Analysis
Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0007181c
| Name | Size of data | MD5 |
| --- | --- | --- |
| .text | 619008 | df0d5a29a4c6fe303f4a84542e947789 |
| .rdata | 198656 | 5b6ac80f4e8f81027b330da383b66ea8 |
| .data | 49664 | 18fb4d0d5349978da0f663bed07455ee |
| .pdata | 28672 | c46025c8510c4acd929b10ae56b9eb29 |
| .nv_fatb | 7715840 | 1f17b8b92debb57e7e7066bdcb2e5a1f |
| .nvFatBi | 512 | 8ec85e6f28ef9fdf0f237f1ebff86872 |
| .gfids | 1024 | 16c38fbd4a3483abaab261e93b5b0f80 |
| .tls | 512 | 1f354d76203061bfdd5a53dae48d5435 |
| .rsrc | 1536 | aee076649dd04a2483d2425edc1e3267 |
| .reloc | 5632 | 74e370d393b2d2972373b532cd56fb94 |