How to remove websock.exe

The module websock.exe has been detected as Risk.CoinMiner

Product Name: CPU utility
Company Name: PC Tools

MD5: 5d8dbf60120617dd57f4ee851cd32fb6
Size: 5 MB
First Published: 2017-09-27 16:04:11 (7 years ago)
Latest Published: 2024-04-09 23:01:56 (a year ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2024-04-09 23:01:56 (a year ago)

Vietnam 10.8%
Taiwan 9.4%
Turkey 8.9%
Indonesia 6.3%
Poland 5.4%
India 5.1%
Brazil 4.7%
South Korea 4.5%
Thailand 3.4%
Hungary 2.9%
Romania 2.2%
Spain 2.2%
Russia 2.1%
Iran 2.1%
Czech Republic 2.0%
Greece 1.5%
Ukraine 1.4%
Belarus 1.4%
Hong Kong 1.2%
Palestine 1.0%
Pakistan 1.0%
Bulgaria 0.9%
Argentina 0.9%
Croatia 0.9%
Chile 0.9%
Israel 0.8%
Italy 0.8%
Egypt 0.8%
Morocco 0.7%
Mexico 0.6%
Lithuania 0.6%
Austria 0.6%
Tunisia 0.6%
Latvia 0.6%
Philippines 0.6%
Portugal 0.5%
Peru 0.5%
Iraq 0.4%
Former Yugoslav Republic of Macedonia 0.4%
Norway 0.4%
Slovakia 0.4%
Sri Lanka 0.4%
Slovenia 0.3%
Lebanon 0.3%
Malaysia 0.3%
Serbia 0.3%
South Africa 0.3%
Bangladesh 0.3%
Algeria 0.3%
Estonia 0.3%
Saudi Arabia 0.3%
Ecuador 0.3%
Trinidad and Tobago 0.3%
Jordan 0.2%
Albania 0.2%
Yemen 0.2%
Madagascar 0.2%
Venezuela 0.2%
Colombia 0.2%
Belgium 0.2%
Kenya 0.2%
Laos 0.2%
Syria 0.1%
Bosnia and Herzegovina 0.1%
Kuwait 0.1%
Macau 0.1%
Japan 0.1%
Mauritius 0.1%
Kazakhstan 0.1%
Germany 0.1%
Bolivia 0.1%
Mozambique 0.1%
Panama 0.1%
Uruguay 0.1%
United States 0.1%
Sweden 0.1%
United Arab Emirates 0.1%
Sudan 0.1%
Burundi 0.1%

Windows 10 64.5%
Windows 7 25.8%
Windows 8.1 8.9%
Windows 8 0.7%
Windows Vista 0.1%

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0001571c

PE Sections:

Name     Size of data   MD5
.text    325120         c9f3b5f21cd15b354273f75a4000ba7a
.rdata   95232          5ccd743d37c046284726cea637adf153
.data    7168           2286618f56b1451aa0a19d61588f086e
.pdata   15360          acc5f6470ea6740b3be9691a93289fd3
.rsrc    4824064        630103fb74b079507329054d4e29469c
.reloc   2560           187fd113a133ec5a1f45762fb270b31e

More information:

Download GridinSoft Anti-Malware - Removal tool for websock.exe