How to remove service_box.exe.quarantined

» File
File Details
Overview
Analysis

service_box.exe.quarantined

The module service_box.exe.quarantined has been detected as Trojan.CoinMiner

service_box.exe.quarantined

Remove service_box.exe.quar

File Details

Main Info:

Product Name:	System Native Service
Company Name:	www.somedomainthatnotexists.com
MD5:	b3642e19cb3eb8cf1c29216450bd2352
Size:	1000 KB
First Published:	2018-01-05 04:08:04 (7 years ago)
Latest Published:	2020-10-11 22:40:17 (4 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2020-10-11 22:40:17 (4 years ago)

Overview

Digital Signature

Signed By:	Jetstar Media LTD
Status:	Valid

Common Places:

%programfiles%\system native

%programfiles%\system native

File Names:

service_box.exe

service_box.exe.quarantined

Geography:

	16.2%
	11.7%
	9.0%
	8.1%
	8.1%
	5.4%
	4.5%
	4.5%
	3.6%
	3.6%
	1.8%
	1.8%
	1.8%
	1.8%
	1.8%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%

OS Version:

Windows 7	49.5%
Windows 10	33.3%
Windows 8.1	17.1%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00001500

PE Sections:

Name	Size of data	MD5
.text	722944	1fc7afccfe7a67b688137550711d46d6
.data	512	f32ecc31043f786678f1067ff524a1d7
.rdata	62976	1fad22add5c09e3e1a387b0b30ca6a5a
.eh_fram	112128	dbdcaa2a0bb93b9faccc1beec7cdb819
.bss	0	00000000000000000000000000000000
.idata	9728	da3d5232668162b0062fd21edd1e0832
.CRT	512	b5cadf2307f0db18cfcadc4b67488bcd
.tls	512	65e87a41a853e37787dad7dd6ca72dea
.rsrc	106544	616adff212e479676009d2db75cdb5a7

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for service_box.exe.quarantined

copyright for information about service_box.exe.quarantined