How to remove winrmsrv.exe

winrmsrv.exe Removal: How to Get Rid of winrmsrv.exe462ee20e8abbbb559bd1c4f8be87b123

winrmsrv.exe

The module winrmsrv.exe has been detected as Trojan.CoinMiner

winrmsrv.exe
Remove winrmsrv.exe

File Details

Product Name:

Microsoft® Windows® Operating System
Company Name:

Microsoft Corporation
MD5: 462ee20e8abbbb559bd1c4f8be87b123
Size: 714 KB
First Published: 2019-11-26 05:14:38 (3 years ago)
Latest Published: 2023-03-17 23:58:05 (11 days ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2023-03-17 23:58:05 (11 days ago)

Common Places:

%system%
%system%
%system%
%system%
%system%
%system%
%system%
%system%
%system%
%system%

Geography:

18.7%
8.2%
5.5%
4.3%
4.1%
2.9%
2.5%
2.5%
2.3%
2.3%
2.1%
2.0%
2.0%
1.8%
1.6%
1.6%
1.6%
1.6%
1.4%
1.4%
1.4%
1.2%
1.2%
1.2%
1.2%
1.2%
1.2%
1.1%
1.1%
1.1%
0.9%
0.9%
0.7%
0.7%
0.7%
0.7%
0.7%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 10 97.5%
Windows 7 2.5%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x001c4770

PE Sections:

Name Size of data MD5
UPX0 0 00000000000000000000000000000000
UPX1 728064 e024edc657a2196dbc5614664959e621
.rsrc 2048 81e364ec12605609811f91c50c0676d5

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for winrmsrv.exe
copyright for information about winrmsrv.exe