How to remove sab.exe
sab.exe
The module sab.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | Sage Atualiza Base |
| Company Name: | Sage Software |
| MD5: | 295dca1e65c52e546cf7722f24a9c81a |
| Size: | 7 MB |
| First Published: | 2018-07-05 13:06:02 (6 years ago) |
| Latest Published: | 2018-07-05 13:06:09 (6 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-07-05 13:06:09 (6 years ago) |
Overview
| Signed By: | SAGE BRASIL SOFTWARE S.A. |
| Status: | Valid |
Common Places:
| %sysdrive%\sagegestaocontabilacademico |
Geography:
| 100.0% |
OS Version:
| Windows 7 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00293094 |
PE Sections:
| Name | Size of data | MD5 |
| CODE | 2696192 | df382f796eb376577d3355025448afd8 |
| DATA | 23552 | 6d0c8032df6d09487e7021257ac5d0d0 |
| BSS | 0 | 00000000000000000000000000000000 |
| .idata | 11264 | 93717a640c0de39ff8c5b4b9e65daf0e |
| .tls | 0 | 00000000000000000000000000000000 |
| .rdata | 512 | 49ae06ffeb0b5859b5108a12e46dd27f |
| .reloc | 158720 | 98094ed6a421be563b855cd2f59a7769 |
| .rsrc | 4845056 | 38f38026798500d38555caf74b3e5efe |
More information:
Download GridinSoft
Anti-Malware - Removal tool for sab.exe
