How to remove winlogson.exe
- File Details
- Overview
- Analysis
winlogson.exe
The module winlogson.exe has been detected as Trojan.CoinMiner
File Details
| MD5: |
055eaec478c4a8490041b8fa3db1119d |
| Size: |
7 MB |
| First Published: |
2023-07-07 23:01:27 (2 years ago) |
| Latest Published: |
2024-10-31 23:01:51 (9 months ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2024-10-31 23:01:51 (9 months ago) |
Overview
| %commonappdata% |
| %localappdata%\programs\nicehash miner\miner_plugins\eb75e920-94eb-11ea-a64d-17be303ea466\bins\21.0 |
| %localappdata%\programs\nicehash miner\miner_plugins\eb75e920-94eb-11ea-a64d-17be303ea466\bins\21.0 |
| %commonappdata% |
| %localappdata%\programs\unminer\resources\miners\win32 |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %sysdrive%\$recycle.bin\s-1-5-21-3723100787-48486256-2119960120-1001\$rsh36vu\resources\miners\win32 |
| %commonappdata% |
|
20.0% |
|
|
20.0% |
|
|
13.3% |
|
|
13.3% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x04759080 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| UPX1 |
8081408 |
a477d54a435c7245a12ba497f5d0bf5d |
| .rsrc |
1536 |
8540ae678eb6014454cc95253cd79ee8 |
