How to remove uihost64.exe

» File
File Details
Overview
Analysis

uihost64.exe

The module uihost64.exe has been detected as Trojan.CoinMiner

uihost64.exe

Remove uihost64.exe

File Details

Main Info:

Product Name:	McAfee WebAdvisor
Company Name:	McAfee, Inc.
MD5:	0211073feb4ba88254f40a2e6611fcef
Size:	2 MB
First Published:	2019-10-18 07:58:46 (6 years ago)
Latest Published:	2024-04-03 23:07:24 (2 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2024-04-03 23:07:24 (2 years ago)

Common Places:

%appdata%

%appdata%

%appdata%

%appdata%

%appdata%

%appdata%

%appdata%

%appdata%

%appdata%

%appdata%

Geography:

	15.4%
	13.6%
	6.5%
	6.5%
	5.1%
	4.7%
	4.7%
	3.7%
	3.7%
	3.3%
	2.8%
	2.3%
	1.9%
	1.9%
	1.9%
	1.4%
	1.4%
	1.4%
	1.4%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%

OS Version:

Windows 7	59.8%
Windows 10	21.4%
Windows Server 2012 R2	7.6%
Windows 8.1	5.4%
Windows Server 2008 R2	3.6%
Windows Server 2016	0.9%
Windows 8	0.9%
Windows Server 2012	0.4%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000400000
Entry Address:	0x000014a0

PE Sections:

Name	Size of data	MD5
.text	2520576	bf914d3672ed5605cb3fe765439226cf
.data	13824	85712f7e848a160a720db624fbda334d
.rdata	195072	39e63d4bcd3d32843db0053e4df6eeea
.pdata	79360	b8f484e4cc47c68fad44f779e9323793
.xdata	115200	7ea489245f5bbced7577e0988fed1214
.bss	0	00000000000000000000000000000000
.idata	14848	aebdf29c717aaadbfea82dd9d9de250d
.CRT	512	daf8376ed9e417167601c08e8febd388
.tls	512	bf619eac0cdf3f68d496ea9344137e8b
.rsrc	2560	923c48e2b55f306349438bb9dabb9e63

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for uihost64.exe

copyright for information about uihost64.exe