How to remove vmde64.exe
vmde64.exe
The module vmde64.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | VMDE |
| Company Name: | UG North |
| MD5: | 67e5733b80ed0cc4667d3b0eebee52a7 |
| Size: | 20 KB |
| First Published: | 2018-09-26 10:08:41 (6 years ago) |
| Latest Published: | 2019-10-11 18:25:08 (5 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2019-10-11 18:25:08 (5 years ago) |
Common Places:
| %localappdata%\hostinstaller\loaded |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
Geography:
| 90.9% | ||
| 9.1% |
OS Version:
| Windows 10 | 36.4% | |
| Windows 8.1 | 36.4% | |
| Windows 7 | 27.3% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00002304 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 9728 | f1f8743e34bc736c3e1b07d9063e4bc7 |
| .rdata | 5632 | 533717b43291f3a7bc1ffca47762d045 |
| .data | 512 | c76065ccd1c090ddac3a69376d0025ba |
| .pdata | 512 | f31396986405093c50febbcebee6fc23 |
| .poi | 512 | 9a670326277a2b81d9f5a001bd7e486e |
| .gfids | 512 | 1cf2856b26691be80e10679aee1138e4 |
| .rsrc | 1536 | 26bf39f40b9c3b810100216f69302208 |
| .reloc | 512 | de59a44d9247e2a372c917075b23f986 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for vmde64.exe
