How to remove service_box.exe.quarantined

service_box.exe.quarantined

The module service_box.exe.quarantined has been detected as Trojan.CoinMiner

service_box.exe.quarantined
Remove service_box.exe.quar

File Details

Product Name:

System Native Service
Company Name:

www.somedomainthatnotexists.com
MD5: 61b84a240a0290f37afe45034c40bd08
Size: 7 MB
First Published: 2018-01-11 14:07:42 (7 years ago)
Latest Published: 2018-12-21 08:14:18 (6 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2018-12-21 08:14:18 (6 years ago)

Overview

Signed By: Garry Lachman
Status: Valid

Common Places:

%programfiles%\system native
%appdata%\system native\main services 1.2.9\install
%sysdrive%\$recycle.bin
%programfiles%\system native

File Names:

service_box.exe
service_box.exe.quarantined
42542.exe
$RHKU19C.exe

Geography:

14.4%
12.6%
10.2%
9.6%
4.8%
4.8%
3.6%
3.0%
3.0%
3.0%
2.4%
1.8%
1.8%
1.8%
1.8%
1.8%
1.8%
1.8%
1.2%
1.2%
1.2%
1.2%
1.2%
1.2%
1.2%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%

OS Version:

Windows 7 45.5%
Windows 10 41.9%
Windows 8.1 12.0%
Windows 8 0.6%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x006bbd4f

PE Sections:

Name Size of data MD5
.text 0 00000000000000000000000000000000
.rdata 0 00000000000000000000000000000000
.data 0 00000000000000000000000000000000
.vmp0 0 00000000000000000000000000000000
.vmp1 8142336 a5779e4a9d2fcb32f9d30ba9109ebc8e
.reloc 1536 09f00a3b9cf62351253787180443c5d6
.rsrc 105984 28a68cbfe61501485e0a7830c552b7b2

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for service_box.exe.quarantined
copyright for information about service_box.exe.quarantined