How to remove windef.exe
windef.exe
The module windef.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | Windows Defender |
| Company Name: | www.microsoft.com |
| MD5: | e8720563cb7ab1ce10baac7e01b3c1c4 |
| Size: | 911 KB |
| First Published: | 2018-09-12 17:09:58 (6 years ago) |
| Latest Published: | 2018-09-12 17:09:58 (6 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-09-12 17:09:58 (6 years ago) |
Geography:
| 100.0% |
OS Version:
| Windows Server 2008 R2 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000400000 |
| Entry Address: | 0x000014e0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 732160 | 5ac15574328b68571cb98d8e33b96bd8 |
| .data | 1536 | c43a340ec5aca65db1d02a61a34b3f6a |
| .rdata | 82432 | 73be56d1dfbe193de6d326d3fe47ef99 |
| .pdata | 23552 | 70ea5aab23204cb5f5aa8fd6771cc7a2 |
| .xdata | 22016 | f6d4825267e966988214bf1fdb3f25fb |
| .bss | 0 | 00000000000000000000000000000000 |
| .edata | 1536 | 905f1fc2d68a3941caf589ffb9a9d369 |
| .idata | 12288 | c8158db09e2491fa4db493da14ef9fe6 |
| .CRT | 512 | 205a07a8ea4656e16516d951fe476cdb |
| .tls | 512 | bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc | 53760 | 931cd97e75a4f6e73d82ef1e818b27f1 |
| .reloc | 2048 | eecf74a5bf222533d481054850e06ded |
More information:
Download GridinSoft
Anti-Malware - Removal tool for windef.exe
