How to remove t-rex.exe
t-rex.exe
The module t-rex.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | T-Rex NVIDIA GPU miner |
| Company Name: | http://trex-miner.com |
| MD5: | 44d066ef63dc6fcd8cef01cadafe079c |
| Size: | 12 MB |
| First Published: | 2019-12-15 07:18:35 (5 years ago) |
| Latest Published: | 2021-04-15 20:50:48 (4 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2021-04-15 20:50:48 (4 years ago) |
Common Places:
| %localappdata%\programs\nicehash miner\miner_plugins\d47d9b00-7237-11e9-b20c-f9f12eb6d835 |
| %profile%\downloads\nhm_windows_3.0.0.6\miner_plugins\d47d9b00-7237-11e9-b20c-f9f12eb6d835\bins |
| %commonappdata%\cudo miner\registry |
| %profile%\downloads\nhm_windows_3.0.0.5\miner_plugins\d47d9b00-7237-11e9-b20c-f9f12eb6d835\bins |
| %sysdrive%\$recycle.bin\s-1-5-21-1302256496-1416034228-4168559057-1001\$r2joaq9 |
| %sysdrive%\filehistory\menio\adminrg-v0utr0e\data\c\users\menio\desktop\coin mining\nicehash miner\miner_plugins\d47d9b00-7237-11e9-b20c-f9f12eb6d835\bins |
| %localappdata%\programs\nicehash miner\miner_plugins\d47d9b00-7237-11e9-b20c-f9f12eb6d835\bins |
| %appdata%\kryptex\miners |
| %appdata%\kryptex\miners |
| %sysdrive%\idm\compressed\t-rex 0.14.6 - bytwork.com.zip\t-rex 0.14.6 - bytwork.com |
Geography:
| 30.0% | ||
| 20.0% | ||
| 10.0% | ||
| 10.0% | ||
| 10.0% | ||
| 10.0% | ||
| 10.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x02a7d186 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 0 | 00000000000000000000000000000000 |
| .rdata | 0 | 00000000000000000000000000000000 |
| .data | 0 | 00000000000000000000000000000000 |
| .pdata | 0 | 00000000000000000000000000000000 |
| .nv_fatb | 0 | 00000000000000000000000000000000 |
| .nvFatBi | 0 | 00000000000000000000000000000000 |
| .tls | 0 | 00000000000000000000000000000000 |
| .gfids | 0 | 00000000000000000000000000000000 |
| .vmp0 | 0 | 00000000000000000000000000000000 |
| .vmp1 | 12857856 | 8a3879c08ecf9ba1cffbdf12f90508da |
| .reloc | 512 | eed4796a580d4bd35c10459b7e9bbadb |
| .rsrc | 69120 | d30e0e4dd18a63cebea09b73463ae04a |
More information:
Download GridinSoft
Anti-Malware - Removal tool for t-rex.exe
