How to remove winnetsvces.exe
- File Details
- Overview
- Analysis
winnetsvces.exe
The module winnetsvces.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| MD5: |
148e44058c29b9b1a82707d94af02d04 |
| Size: |
8 KB |
| First Published: |
2017-06-01 00:09:36 (7 years ago) |
| Latest Published: |
2019-06-27 07:38:08 (5 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2019-06-27 07:38:08 (5 years ago) |
| %commonappdata%\f5c6dbd2-9e35-457f-b662-cf7d478fd412 |
| %commonappdata% |
| %commonappdata% |
|
25.0% |
|
|
12.5% |
|
|
8.3% |
|
|
8.3% |
|
|
8.3% |
|
|
8.3% |
|
|
8.3% |
|
|
4.2% |
|
|
4.2% |
|
|
4.2% |
|
|
4.2% |
|
|
4.2% |
|
| Windows 10 |
50.0% |
|
| Windows 7 |
37.5% |
|
| Windows 8.1 |
12.5% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000033fe |
| MVID: |
8c4b52b7-793d-446d-8b0f-a247e3110463 |
| Name |
Size of data |
MD5 |
| .text |
5632 |
619a27d97958c7521169c3161f6bb755 |
| .rsrc |
2048 |
af30388c4bb9abe051063a300fed4a91 |
| .reloc |
512 |
370cd6034a8bd114b03c07a9fe67c62e |
