How to remove winlogon.exe
- File Details
- Overview
- Analysis
winlogon.exe
The module winlogon.exe has been detected as Risk.CoinMiner
File Details
| MD5: |
ec0f9398d8017767f86a4d0e74225506 |
| Size: |
381 KB |
| First Published: |
2019-04-20 05:19:00 (5 years ago) |
| Latest Published: |
2024-02-17 23:16:17 (2 months ago) |
| Status: |
Risk.CoinMiner (on last analysis) |
|
| Analysis Date: |
2024-02-17 23:16:17 (2 months ago) |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
|
59.4% |
|
|
14.9% |
|
|
3.4% |
|
|
1.9% |
|
|
1.5% |
|
|
1.5% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
| Windows 10 |
61.9% |
|
| Windows 7 |
33.8% |
|
| Windows 8.1 |
2.7% |
|
| Windows Server 2008 R2 |
1.2% |
|
| Windows Vista |
0.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000e1fe0 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
00000000000000000000000000000000 |
| UPX1 |
353280 |
0ad256cdac081747b2ae84bcc59edca6 |
| .rsrc |
35840 |
02d2e3d2354a2b75258140abac75a8a6 |
