How to remove system.exe
system.exe
The module system.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | microsoft |
| Company Name: | www.microsoft.com |
| MD5: | 94999666718b98b9fcfcc40a0cf594e5 |
| Size: | 558 KB |
| First Published: | 2017-11-14 20:02:14 (7 years ago) |
| Latest Published: | 2020-10-30 16:39:20 (4 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2020-10-30 16:39:20 (4 years ago) |
Common Places:
| %commonappdata%\system32 |
| %commonappdata% |
| %commonappdata% |
Geography:
| 50.0% | ||
| 25.0% | ||
| 25.0% |
OS Version:
| Windows 7 | 50.0% | |
| Windows 10 | 25.0% | |
| Windows Server 2008 R2 | 25.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000400000 |
| Entry Address: | 0x00001500 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 462848 | 5eceb1de2394e8e67b202ecd49e1ca1b |
| .data | 1536 | 4d059c359867efa0cfd90e82504bf94f |
| .rdata | 58368 | be32a0d08aacae0e09fb8c4eaac903c2 |
| .pdata | 16896 | 2e0ba7fb2a512b0960511963b283d068 |
| .xdata | 15872 | 398b19d16edcf8e7f7fc2cd6b9d3b90c |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 11776 | f6cc5eae010bab5c82aa4159a30737e7 |
| .CRT | 512 | c9f1185793b15960dbe2b6a8a1d327c3 |
| .tls | 512 | 9d3daa3d25b03a655b513793f0413e4a |
| .rsrc | 2048 | da1d2d350744a4751806fca84b6cd8be |
More information:
Download GridinSoft
Anti-Malware - Removal tool for system.exe
