How to remove websock.exe00

websock.exe00

The module websock.exe00 has been detected as Trojan.CoinMiner

websock.exe00
Remove websock.exe00

File Details

Product Name:

app
Company Name:

App Studio Inc.
MD5: 387efe4195bd26a4a2574b3f3539cdc5
Size: 2 MB
First Published: 2018-04-02 07:09:41 (6 years ago)
Latest Published: 2020-11-21 21:17:02 (3 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2020-11-21 21:17:02 (3 years ago)

Common Places:

%sysdrive%
%sysdrive%\$recycle.bin\s-1-5-21-1120483686-2951940131-364926112-1001
%sysdrive%\$recycle.bin\s-1-5-21-3835571052-2097071781-163952756-1001
%sysdrive%
%sysdrive%
%sysdrive%
%sysdrive%
%sysdrive%
%sysdrive%
%sysdrive%

File Names:

securedisk.exe
syslog.bat
websock.exe
sysConfig.bat
WEBSOCK.DEL1
websock.exe.quarantined
websock.0exe
websock.exe00

Geography:

16.1%
13.8%
11.8%
7.8%
7.3%
6.1%
4.6%
2.7%
2.2%
1.6%
1.5%
1.5%
1.2%
1.2%
1.0%
1.0%
1.0%
0.9%
0.9%
0.9%
0.9%
0.7%
0.7%
0.6%
0.6%
0.6%
0.6%
0.4%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 10 68.6%
Windows 7 21.1%
Windows 8.1 8.8%
Windows 8 1.3%
Windows Vista 0.1%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0002a3f0

PE Sections:

Name Size of data MD5
.text 401920 29d9c8b3dc7a602aa0c9144c3511e113
.rdata 112640 2461632baff1f8f5d6f243d56c365444
.data 49664 9828cc9875fae0359715b9738836d5db
.pdata 18944 3a2a8f05f5be68f30d153a262ac4635b
.rsrc 2464768 5377f8480093124541182dce8cf546ae
.reloc 3072 e6990228b09b50fb91f3d0fef7476e27

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for websock.exe00
copyright for information about websock.exe00