How to remove xmrig650.exe

» File
File Details
Overview
Analysis

xmrig650.exe

The module xmrig650.exe has been detected as Trojan.CoinMiner

Remove xmrig650.exe

File Details

Main Info:

Product Name:	XMRig
Company Name:	www.xmrig.com
MD5:	568787c1b98ed78a619037c9eefc416a
Size:	8 MB
First Published:	2018-04-16 17:11:02 (7 years ago)
Latest Published:	2021-11-30 21:23:19 (3 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2021-11-30 21:23:19 (3 years ago)

Common Places:

%localappdata%

%sysdrive%\$recycle.bin\s-1-5-21-224740487-3395717990-1652011719-1001

%sysdrive%\miners

%sysdrive%\downloads\torrents

%profile%\ln\local settings\application data

%profile%\ser\local settings\application data

%profile%\rivate\ustawienia lokalne\dane aplikacji

%profile%\indowsxp\local settings\application data

%sysdrive%\$recycle.bin

%sysdrive%\$recycle.bin\s-1-5-21-3243973200-3250571694-761432488-1001

File Names:

real.exe

xmrig650.exe

xmrig-nvidia.exe

xmrig1060.exe

trzF94C.tmp

$RRS3AJZ.exe

iii.jpeg.exe

Dg5.exe

A0001928.exe

A0014601.exe

$RLITGMD.exe

Geography:

Russia	21.8%
Vietnam	15.3%
Ukraine	9.4%
Indonesia	8.1%
Turkey	4.6%
Taiwan	4.4%
Belarus	3.5%
Poland	3.5%
France	2.8%
Thailand	2.8%
Brazil	2.6%
Italy	2.2%
Iran	2.2%
South Korea	2.0%
United States	1.5%
Spain	1.3%
India	0.9%
Saudi Arabia	0.7%
Serbia	0.7%
Kazakhstan	0.7%
Philippines	0.7%
Hungary	0.7%
Finland	0.7%
Slovakia	0.7%
Portugal	0.4%
Austria	0.4%
Czech Republic	0.4%
Egypt	0.4%
Netherlands	0.4%
United Kingdom	0.4%
Moldova	0.4%
China	0.4%
Armenia	0.4%
Peru	0.2%
Sudan	0.2%
Greece	0.2%
Latvia	0.2%
Canada	0.2%
Switzerland	0.2%
Bosnia and Herzegovina	0.2%
Argentina	0.2%
Myanmar	0.2%
Germany	0.2%
Hong Kong	0.2%
Morocco	0.2%

OS Version:

Windows 10	48.9%
Windows 7	40.7%
Windows 8.1	5.2%
Windows XP	3.7%
Windows 8	1.3%
Windows Embedded 8.1	0.2%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x0007359c

PE Sections:

Name	Size of data	MD5
.text	631296	17e3cdf78d9e240562f95ef0eaee79d5
.rdata	202240	fc11ab5c5a972bb1d9d94858062092de
.data	49664	a320985cf23a3cef718d1ff5c304d471
.pdata	29696	53d6bd813e4d9818f1d5c222c7f065c4
.nv_fatb	8282112	677227feb4028a8972fa1959a20ece32
.nvFatBi	512	49fe1c39e8783ec1a5c9ecea2879cc5d
.gfids	1024	838d9ccb887a97fc7dfaf1bae0eaec16
.tls	512	1f354d76203061bfdd5a53dae48d5435
.rsrc	23552	9cfa16a89cd797f9eeb7447fb4569c8c
.reloc	5632	82072bbf9ebc7efe43c3f893ba0f38d5

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for xmrig650.exe

copyright for information about xmrig650.exe

How to remove xmrig650.exe

xmrig650.exe

The module xmrig650.exe has been detected as Trojan.CoinMiner

File Details

Main Info:

XMRig

www.xmrig.com

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: