How to remove winlogon.exe
- File Details
- Overview
- Analysis
winlogon.exe
The module winlogon.exe has been detected as Risk.CoinMiner
File Details
MD5: |
ec0f9398d8017767f86a4d0e74225506 |
Size: |
381 KB |
First Published: |
2019-04-20 05:19:00 (5 years ago) |
Latest Published: |
2024-02-17 23:16:17 (2 months ago) |
Status: |
Risk.CoinMiner (on last analysis) |
|
Analysis Date: |
2024-02-17 23:16:17 (2 months ago) |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
|
59.4% |
|
|
14.9% |
|
|
3.4% |
|
|
1.9% |
|
|
1.5% |
|
|
1.5% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
Windows 10 |
61.9% |
|
Windows 7 |
33.8% |
|
Windows 8.1 |
2.7% |
|
Windows Server 2008 R2 |
1.2% |
|
Windows Vista |
0.3% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x000e1fe0 |
Name |
Size of data |
MD5 |
UPX0 |
0 |
00000000000000000000000000000000 |
UPX1 |
353280 |
0ad256cdac081747b2ae84bcc59edca6 |
.rsrc |
35840 |
02d2e3d2354a2b75258140abac75a8a6 |