How to remove taskhost.exe
- File Details
- Overview
- Analysis
taskhost.exe
The module taskhost.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
648a9e9350eeea45a4e21d35df7753eb |
| Size: |
16 MB |
| First Published: |
2017-08-03 04:07:03 (6 years ago) |
| Latest Published: |
2018-10-22 10:13:55 (5 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2018-10-22 10:13:55 (5 years ago) |
| %commonappdata%\micro foundation 2 |
| %appdata%\taskhost local files |
| %appdata%\svchost local files |
| %appdata%\qubjjfsnlu local files |
| %appdata%\spoolsv local files |
| %appdata%\fontdrvhost local files |
| %appdata%\bluestacksindir37341574hdfullturkcemodroot local files |
| %appdata%\wmiprvse local files |
| %appdata%\services local files |
| %appdata%\taskeng local files |
| Open.exe |
| taskhost.exe |
| svchost.exe |
| QUBJJFSNLU.exe |
| spoolsv.exe |
| fontdrvhost.exe |
| BlueStacksindir37341574HDFullTurkceModRoot.exe |
| WmiPrvSE.exe |
| services.exe |
| taskeng.exe |
| concentr.exe |
| WUDFHost.exe |
| IEMonitor.exe |
| ParameterService.exe |
| csrss.exe |
| dwm.exe |
| mb3-setup-consumer-3.0.6.1469-10103.exe |
| chrome.exe |
| browser.exe |
| PRSvc.exe |
| wininit.exe |
| tphkload.exe |
| IDMIntegrator64.exe |
| KillerNetworkService.exe |
| aips.exe |
| igfxHK.exe |
| WinRAR.exe |
| IntelMeFWService.exe |
| GoogleCrashHandler.exe |
| avshadow.exe |
| gsam.exe |
| DMGR1.25_0V1L2Z2Z1T1I1L1T1V1G1B1.25.exe |
| SMSvcHost.exe |
| Open_IObitDel.exe |
| nvvsvc.exe |
| keysharpnxbiz.exe.vir |
| GoogleCrashHandler64.exe |
| SearchProtocolHost.exe |
| LSB.exe |
| trz47CB.tmp |
| amd64_86.exe |
| Euro+Fishing+(2015)+[Cracked]+[Napisy+PL].exe |
| SkypeHost.exe |
| RegSrvc.exe |
| faceitclient.exe |
| dllhost.exe |
| conhost.exe |
| CocCocUpdate.exe |
| CCleaner.exe |
| BlueSoleilCS.exe |
| lsm.exe |
| trzE711.tmp |
|
26.0% |
|
|
12.5% |
|
|
8.3% |
|
|
5.7% |
|
|
4.2% |
|
|
3.6% |
|
|
3.1% |
|
|
2.6% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
1.6% |
|
|
1.6% |
|
|
1.6% |
|
|
1.6% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
| Windows 7 |
54.7% |
|
| Windows 10 |
40.1% |
|
| Windows 8.1 |
4.2% |
|
| Windows 8 |
1.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x01268640 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
00000000000000000000000000000000 |
| UPX1 |
17250816 |
2221e8d89ca3687534b5198fb4d1a5ae |
| .rsrc |
47616 |
f7369686fb2430021388928ff1170ee0 |
