How to remove xmrig.exe
xmrig.exe
The module xmrig.exe has been detected as Risk.CoinMiner
File Details
| Product Name: | XMRig |
| Company Name: | www.xmrig.com |
| MD5: | 1be820c72678ea2cb07fca8461cd3d26 |
| Size: | 1 MB |
| First Published: | 2021-03-21 21:38:08 (4 years ago) |
| Latest Published: | 2024-12-04 23:01:51 (a year ago) |
| Status: | Risk.CoinMiner (on last analysis) |
| Analysis Date: | 2024-12-04 23:01:51 (a year ago) |
Overview
| Signed By: | Cudo Ventures Ltd |
| Status: | Valid |
Common Places:
| %commonappdata%\cudo miner\registry |
| %sysdrive%\$recycle.bin\s-1-5-21-613876456-3037896169-1960079061-1001\$rxon21l\registry |
| %sysdrive%\$recycle.bin\s-1-5-21-2400453414-84194822-421123232-1001\$r9hi94u\registry |
Geography:
| 25.0% |
| 16.7% |
| 8.3% |
| 8.3% |
| 8.3% |
| 8.3% |
| 8.3% |
| 8.3% |
| 8.3% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00130838 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 1578496 | c0d22563fe687ddc5a0c5568432fa238 |
| .rdata | 301568 | c9874744b9dbcc69d4d0d699374ae7df |
| .data | 24576 | 70cec470bfcca7536d4d2a1bb231c622 |
| .pdata | 58880 | bc124eb6be4db0b8b5e214589ec3fa56 |
| _RANDOMX | 3072 | 40025f998909f97334f029ecd436524f |
| _TEXT_CN | 6656 | 6a7f77e47f77f65bef85036ae5a71106 |
| _TEXT_CN | 4608 | 409bf3f918f2402291cb56c2e9354b47 |
| _RDATA | 512 | 6ad552e64f7b2ad972fcccce7c31fa95 |
| .rsrc | 23040 | 55e2f922c71fb0db0ea9e7387c179d4d |
| .reloc | 9728 | 6fa6ad4a877bfa6bd75b0e80fa886bed |