How to remove uihost32.exe
- File Details
- Overview
- Analysis
uihost32.exe
The module uihost32.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
4fca837855b3bced7559889adb41c4b7 |
| Size: |
3 MB |
| First Published: |
2019-10-19 09:09:02 (5 years ago) |
| Latest Published: |
2024-04-03 23:07:24 (a year ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2024-04-03 23:07:24 (a year ago) |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| Pakistan |
16.2% |
|
| India |
14.6% |
|
| Vietnam |
8.1% |
|
| Iran |
6.6% |
|
| Venezuela |
6.1% |
|
| Russia |
5.1% |
|
| South Africa |
4.0% |
|
| Taiwan |
4.0% |
|
| Ethiopia |
3.5% |
|
| United States |
2.5% |
|
| Indonesia |
2.0% |
|
| Mongolia |
2.0% |
|
| Nigeria |
1.5% |
|
| Brazil |
1.5% |
|
| Kazakhstan |
1.5% |
|
| Mauritius |
1.5% |
|
| Kenya |
1.5% |
|
| Peru |
1.5% |
|
| Egypt |
1.0% |
|
| Philippines |
1.0% |
|
| Ghana |
1.0% |
|
| Saudi Arabia |
1.0% |
|
| Ukraine |
1.0% |
|
| Thailand |
1.0% |
|
| Mozambique |
0.5% |
|
| Sudan |
0.5% |
|
| Malawi |
0.5% |
|
| Belarus |
0.5% |
|
| Azerbaijan |
0.5% |
|
| Cuba |
0.5% |
|
| Bangladesh |
0.5% |
|
| Mexico |
0.5% |
|
| Colombia |
0.5% |
|
| Bolivia |
0.5% |
|
| Bosnia and Herzegovina |
0.5% |
|
| Kyrgyzstan |
0.5% |
|
| Morocco |
0.5% |
|
| Iraq |
0.5% |
|
| Nepal |
0.5% |
|
| Singapore |
0.5% |
|
| Sierra Leone |
0.5% |
|
| Denmark |
0.5% |
|
| Italy |
0.5% |
|
| Yemen |
0.5% |
|
| Windows 7 |
62.8% |
|
| Windows 10 |
19.8% |
|
| Windows Server 2012 R2 |
7.2% |
|
| Windows 8.1 |
6.8% |
|
| Windows Server 2008 R2 |
2.4% |
|
| Windows Server 2012 |
0.5% |
|
| Windows 8 |
0.5% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00001500 |
| Name |
Size of data |
MD5 |
| .text |
2871296 |
2c225ac3a930b912fc580e8b31b1916a |
| .data |
8192 |
3b0c9b37ba2cd93670f38d45bf4197ea |
| .rdata |
153088 |
550a83493025373bbb4de8beccbe84fa |
| .eh_fram |
401408 |
e3476d5353152a986085e84ed0a44721 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
10240 |
de199dbe1653b7a6d734df5362206572 |
| .CRT |
512 |
fcac5ace5ba3d72ba2ea67e5cfbaa765 |
| .tls |
512 |
70b4be6a6ba075fa1ede4eb6826ec04c |
| .rsrc |
2560 |
634b82ceb8ca88005306e30b859ace78 |
