How to remove xmrig[1].exe

xmrig[1].exe

The module xmrig[1].exe has been detected as Risk.CoinMiner

xmrig[1].exe
Remove xmrig[1].exe

File Details

Product Name:

XMRig
Company Name:

www.xmrig.com
MD5: b629bbb9abbe1f8c94d3f6ada44d1432
Size: 4 MB
First Published: 2018-10-19 17:10:05 (6 years ago)
Latest Published: 2021-11-07 21:41:01 (3 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2021-11-07 21:41:01 (3 years ago)

Common Places:

%localappdata%\microsoft\windows\temporary internet files\content.ie5
%localappdata%\microsoft\windows\inetcache\ie
%profile%
%appdata%
%desktop%
%windir%
%desktop%\malware
%profile%\downloads\compressed
%profile%\downloads\compressed\bitcoin
%desktop%\mining

File Names:

xmrig[2].exe
xmrig[1].exe
xmrig.exe
worker.exe
win1ogins.exe
explorer.exe
taobao.exe

Geography:

23.8%
16.8%
6.3%
5.6%
4.2%
4.2%
4.2%
3.5%
2.8%
2.8%
2.8%
2.1%
2.1%
2.1%
2.1%
2.1%
1.4%
1.4%
1.4%
1.4%
1.4%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%

OS Version:

Windows 10 65.0%
Windows 7 29.4%
Windows 8.1 3.5%
Windows Server 2008 R2 0.7%
Windows XP 0.7%
Windows 8 0.7%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00001500

PE Sections:

Name Size of data MD5
.text 3424256 462dc8f123cbb2213f3fa72038f3529d
.data 17408 de3f968cf8719516c72e8a08fca2e52e
.rdata 519168 92d44c633a351d4e79e58f565fcc4fcd
.eh_fram 453120 765948c68879e1e55fff9c9312560461
.bss 0 00000000000000000000000000000000
.edata 1536 1d7d240fd56f4d2cd2fb4249987be447
.idata 11264 dc3bca7242a6d0e0570feb7859bc020c
.CRT 512 719258b187a9cefc498c4f999d288ec8
.tls 512 8e2db67ae404111732ed28539708eb16
.rsrc 23808 19207f54c89373abafabfce420aad74d
.reloc 95232 74fce9cea5a2ac6dad0a1c7a942054da

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for xmrig[1].exe
copyright for information about xmrig[1].exe