How to remove windir.exe
windir.exe
The module windir.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | Поисковик NNM-Club |
| MD5: | d8fc4ec927e553915d537ec314ea1946 |
| Size: | 517 KB |
| First Published: | 2018-01-13 12:07:04 (6 years ago) |
| Latest Published: | 2018-01-13 12:07:04 (6 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-01-13 12:07:04 (6 years ago) |
Overview
| Signed By: | Miroslav Topolar |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %commonappdata% |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000193a9 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 313856 | 27b9ebfb2e659003df1012455d6d5dd9 |
| .rdata | 88576 | 3d128c60b15188b05d07509f8e5de4c3 |
| .data | 5120 | eee5501b3e84b6511a3e5b57d9852fda |
| .rsrc | 101376 | 5566f3ffce56b4fc29cee8e68cd51c35 |
| .reloc | 15360 | d5667a27f9bb309143afde092479e719 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for windir.exe
