How to remove xmrig[1].exe
xmrig[1].exe
The module xmrig[1].exe has been detected as Risk.CoinMiner
File Details
Product Name:
Company Name:
MD5: b629bbb9abbe1f8c94d3f6ada44d1432
Size: 4 MB
First Published: 2018-10-19 17:10:05 (6 years ago)
Latest Published: 2021-11-07 21:41:01 (3 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2021-11-07 21:41:01 (3 years ago)
%localappdata%\microsoft\windows\temporary internet files\content.ie5
%localappdata%\microsoft\windows\inetcache\ie
%profile%
%appdata%
%desktop%
%windir%
%desktop%\malware
%profile%\downloads\compressed
%profile%\downloads\compressed\bitcoin
%desktop%\mining

xmrig[2].exe
xmrig[1].exe
xmrig.exe
worker.exe
win1ogins.exe
explorer.exe
taobao.exe
Windows 10: 65.0%
Windows 7: 29.4%
Windows 8.1: 3.5%
Windows Server 2008 R2: 0.7%
Windows XP: 0.7%
Windows 8: 0.7%
Analysis
Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00001500
Name | Size of data | MD5
.text | 3424256 | 462dc8f123cbb2213f3fa72038f3529d
.data | 17408 | de3f968cf8719516c72e8a08fca2e52e
.rdata | 519168 | 92d44c633a351d4e79e58f565fcc4fcd
.eh_fram | 453120 | 765948c68879e1e55fff9c9312560461
.bss | 0 | 00000000000000000000000000000000
.edata | 1536 | 1d7d240fd56f4d2cd2fb4249987be447
.idata | 11264 | dc3bca7242a6d0e0570feb7859bc020c
.CRT | 512 | 719258b187a9cefc498c4f999d288ec8
.tls | 512 | 8e2db67ae404111732ed28539708eb16
.rsrc | 23808 | 19207f54c89373abafabfce420aad74d
.reloc | 95232 | 74fce9cea5a2ac6dad0a1c7a942054da