How to remove UpdateAction_100_WINTTF.exe

UpdateAction_100_WINTTF.exe

The module UpdateAction_100_WINTTF.exe has been detected as Trojan.CoinMiner

UpdateAction_100_WINTTF.exe
Product Name:

한컴오피스 글꼴 업데이트

Company Name:

MD5: bec0687f2398bcf5ad891fb01933e419
Size: 12 MB
First Published: 2018-11-29 09:14:11 (6 years ago)
Latest Published: 2023-10-26 23:20:41 (a year ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2023-10-26 23:20:41 (a year ago)
Signed By: HANCOM. INC,
Status: Valid
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
%windir%\fonts
99.3%
0.7%
Windows 10 93.6%
Windows 7 6.4%
Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000113bc

PE Sections:

Name Size of data MD5
.text 61952 3a126e478661f20816f9d9285615f98e
.itext 3072 ba48b9b17b3dd8b92da3bd93f20ddb34
.data 3584 d7fd5f4b562d7961758f3d6a8c834fd0
.bss 0 00000000000000000000000000000000
.idata 3584 93d91a2b90e60bd758fc0c4908856ae1
.tls 0 00000000000000000000000000000000
.rdata 512 3dffc444ccc131c9dcee18db49ee6403
.rsrc 82432 56c6f002fb50c7d9fc7b750102ba912d

More information:

Download GridinSoft Anti-Malware - Removal tool for UpdateAction_100_WINTTF.exe