| 在线病毒检测器 | v.1.0.182.174 |
| 数据库版本: | 2024-07-16 05:00:16 |
STOP/Djvu勒索软件,也简称为STOP勒索软件或Djvu勒索软件,是一种恶意软件,它加密受害者计算机上的文件,并要求赎金以解密这些文件。这种勒索软件变种已经活跃了数年,影响了众多用户和组织。
| File | sample.mlw |
| 已检查 | 2024-07-16 02:29:58 |
| MD5 | b6acef912b67bdaa8e568ab3c89f93df |
| SHA1 | f11ec9ab98cdeca9f4ff4f7f536a7b686afa836f |
| SHA256 | 1d1a38cc4675a88f82d160130632437455ea085e10a4c17a006d6431ab9d85f5 |
| SHA512 | 34194c8d8462b7217072d7a0f5fc30c2a1d10a93fac6ba16c0e1ff5389797982e001c9307fefc97b4ae5a87afc2e5ab2b8ab1158d893e301c7b940ada0f10a7b |
| Imphash | f444f4b23daa661cebb35517c7e0cdb5 |
| File Size | 766464 bytes |
Gridinsoft能够识别并消除Ransom.Win32.STOP.tr,无需进一步的用户干预。
| FileVersions | 2.76.74.12 |
| InternalName | Heat |
| FileDescription | SeelsLike |
| LegalCopyright | Copyright (C) 2023, Nabisradig |
| OriginalFilenames | Odlasig |
| ProductName | Porezot |
| ProductVersions | 75.98.42.52 |
| Translation | 0x0f7f 0x041e |
 |
22349136012be236df9b52556ca5eca8 1d61926d80b3e99b90000f7b674e6299 bce9f6f2e0c4ebf4 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00404a34 |
| Compilation: | 2023-04-22 21:03:17 |
| Checksum: | 0x000bd07e (Actual: 0x000bd07e) |
| OS Version: | 5.1 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | KERNEL32, USER32, |
| Exports: | 0 |
| Resources: | 19 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000a055f | 0x000a0600 | 044ae8d2f1538bde2994f9c418162e09 | 7.97 |
| .rdata | 0x000a2000 | 0x00004e2a | 0x00005000 | 29e76c54d377370d4a89edc3322c2027 | 4.89 |
| .data | 0x000a7000 | 0x01c50824 | 0x0000bc00 | fadd59990ca21992d25d7016639b9607 | 0.55 |
| .huhur | 0x01cf8000 | 0x00000400 | 0x00000400 | 0f343b0931126a20f133d67c2b018a3b | 0.00 |
| .rom | 0x01cf9000 | 0x00001846 | 0x00001a00 | 3c63825015aabd810674f44afac6d12b | 0.00 |
| .rsrc | 0x01cfb000 | 0x00007d58 | 0x00007e00 | edff40c7c9709761b88bbe54e9dadb87 | 4.06 |
