We checked up the file MACROMEDIA.EXE and found it hazardous.
The file MACROMEDIA.EXE must be deleted from the system immediately.
Kill the process MACROMEDIA.EXE and remove MACROMEDIA.EXE from the Windows startup.
Malware Analysis of MACROMEDIA.EXE
Full path on a computer: %Appdata%\WindowsPED\macromedia.exe
Detected by UnHackMe:
MACROMEDIA.EXE
Default location: %Appdata%\WindowsPED\macromedia.exe
Removal Results: Success
Number of reboot: 1
MACROMEDIA.EXE is known as:
Trojan.BitCoinMiner, not-a-virus:RiskTool.BitCoinMiner.coq, RiskTool.BitCoinMiner.Ix79zcXctZU, Trojan.Proxy.24717, Win32:BitCoinMiner-CG , a variant of Win32.BitCoinMiner.P, not-a-virus:RiskTool.BitCoinMiner
MACROMEDIA.EXE hash:
- MD5: 7d65b3cb365eb59429b403888cd93ce6
How to quickly detect MACROMEDIA.EXE presence?
![]( "Folders")
Folders:
![]( "Files")
Files:
Folders:- %Appdata%\WindowsPED
Files:- %Appdata%\WindowsPED\coinutil.dll
- %Appdata%\WindowsPED\kill.bat
- %Appdata%\WindowsPED\macromedia.exe
- %Appdata%\WindowsPED\miner.dll
- %Appdata%\WindowsPED\phatk.cl
- %Appdata%\WindowsPED\phatk.ptx
- %Appdata%\WindowsPED\run.vbs
- %Appdata%\WindowsPED\Shell.exe
- %Appdata%\WindowsPED\usft_ext.dll
- %Appdata%\WindowsPED\usft_ext.exe.vbs
- %Recent%\usft_ext.exe.lnk
- %Recent%\WindowsPED.lnk
- %Startup%\Skype.lnk