How to remove update-x64.exe
- File Details
- Overview
- Analysis
update-x64.exe
The module update-x64.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
4067907a0d99b75f6bfa960cb63902b4 |
| Size: |
4 MB |
| First Published: |
2020-02-13 03:39:46 (5 years ago) |
| Latest Published: |
2021-07-04 20:45:40 (3 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2021-07-04 20:45:40 (3 years ago) |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
|
44.4% |
|
|
22.2% |
|
|
14.8% |
|
|
5.6% |
|
|
3.7% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
| Windows 7 |
51.9% |
|
| Windows 10 |
29.6% |
|
| Windows 8 |
13.0% |
|
| Windows 8.1 |
5.6% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00287d0c |
| Name |
Size of data |
MD5 |
| .text |
2988032 |
bbd0c66f8330b605cd75f3f534c93f36 |
| .rdata |
864768 |
7f843f04861ea8750730e0473ebdaa8f |
| .data |
279040 |
73a14c92ab1f6392399463cd5855f98f |
| .pdata |
120832 |
72b5a5ab58d9a9421e6a8e250daa81c8 |
| _RANDOMX |
2048 |
4c9ad32e381e3b0d5fe17bbaafaae2bf |
| _TEXT_CN |
6656 |
6a7f77e47f77f65bef85036ae5a71106 |
| _TEXT_CN |
4608 |
409bf3f918f2402291cb56c2e9354b47 |
| _RDATA |
512 |
abe143fd7253dd6ef508a9782b0df62e |
| .rsrc |
372224 |
bcfc094b5db400ee8cf352ca602a6efb |
| .reloc |
33792 |
366c0eafe655b45a967b2703140ca2f4 |
