How to remove xmrigServer.exe
- File Details
- Overview
- Analysis
xmrigServer.exe
The module xmrigServer.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
5f75f476890320dded19cc1860d15d69 |
| Size: |
4 MB |
| First Published: |
2021-01-06 10:29:43 (4 years ago) |
| Latest Published: |
2021-01-06 10:36:04 (4 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2021-01-06 10:36:04 (4 years ago) |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000\$rcmy3u6\new folder |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000\$rcmy3u6\new folder\xmrigcc-2.8.0-with_tls_and_gzip-gcc-win64(1).zip |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000\$r1h0rt7\xmrigcc-2.8.0-with_tls_and_gzip-gcc-win64.zip |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000 |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000\$rcmy3u6\xmrigcc-2.8.0-with_tls_and_gzip-gcc-win64(1).zip |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000\$r1h0rt7 |
| %sysdrive%\$recycle.bin\s-1-5-21-2649899950-350314689-1133762106-1000 |
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000000400000 |
| Entry Address: |
0x000014e0 |
| Name |
Size of data |
MD5 |
| .text |
3645440 |
746b0d6bd8d0c5f2c667cbcddc0c154b |
| .data |
36864 |
e1e01dcc751a9e65f075311dc1e84d45 |
| .rdata |
688128 |
48f54621acdd192d15175dca7fdd7e23 |
| .pdata |
150528 |
67f4c28dcbb21bb291546aa2af0b4e53 |
| .xdata |
173568 |
12dda3826802844444f154b2ac2d5f3b |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
16384 |
caa205977d18cd4fdbc754f256c3767c |
| .CRT |
512 |
deeab5f9f9e3df3b2a13c2fdc41a4d20 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
130584 |
71b83885d236b3fb1eef276f8b84aed7 |
