How to remove xmrig.exe
xmrig.exe
The module xmrig.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | XMRig |
| Company Name: | www.xmrig.com |
| MD5: | 0f36d53e15f39eb7317fe4efed00a4c9 |
| Size: | 2 MB |
| First Published: | 2020-09-19 19:51:35 (4 years ago) |
| Latest Published: | 2023-07-25 23:44:25 (2 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2023-07-25 23:44:25 (2 years ago) |
Common Places:
| %commonappdata%\cudo miner\registry |
| %commonappdata%\cudo miner\registry |
| %sysdrive%\$recycle.bin\s-1-5-21-2400453414-84194822-421123232-1001\$r9hi94u\registry |
| %commonappdata%\cudo miner\registry |
| %commonappdata%\cudo miner\registry |
Geography:
| 33.3% | ||
| 16.7% | ||
| 16.7% | ||
| 16.7% | ||
| 16.7% |
OS Version:
| Windows 10 | 83.3% | |
| Windows 7 | 16.7% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x001401f4 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 1609216 | edc58aef27fd5985227329aac3256d3b |
| .rdata | 349184 | 75735d7e445d6d4122d6a4283a0bf1f6 |
| .data | 264704 | 9a87066a624d9ff959aef7eb876b78ae |
| .pdata | 56320 | d2b07137c41693aabda1b28688d9bcf1 |
| _RANDOMX | 2048 | 4c9ad32e381e3b0d5fe17bbaafaae2bf |
| _SHA3_25 | 2560 | c14f9aad5e95192cd7523ba6675549fd |
| _TEXT_CN | 6656 | 6a7f77e47f77f65bef85036ae5a71106 |
| _TEXT_CN | 4608 | 409bf3f918f2402291cb56c2e9354b47 |
| .rsrc | 23040 | b3dee5e873f1a61139cff565ca8083c8 |
| .reloc | 9728 | f8138019b83d756412d25466b959ba83 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for xmrig.exe
