| 在线病毒检测器 | v.1.0.191.174 |
| 数据库版本: | 2024-10-07 18:00:56 |
键盘记录器被设计为在计算机或移动设备上秘密记录按键,捕获用户输入的一切内容,包括敏感信息如密码和信用卡号码。它可以被网络犯罪分子用来在用户不知情或未经同意的情况下窃取个人和机密数据。
| File | epic.exe |
| 已检查 | 2024-10-07 15:54:18 |
| MD5 | 0cf061ff391f467a683d11884d2ad520 |
| SHA1 | ed6212e71335f3707303da91c84993c149520d01 |
| SHA256 | 3ac8a1a80b1aea1542a42ac25b0b4d730cc9f3cebd9b2661686177a083e98c03 |
| SHA512 | 022e77fb62f3b5911172ef0b378b6f625fb940f475c6069c5146d179c0d426ba99a80f10fada8e5d1bdbd00c3ff3332dbf11f81469a75db29e79e71d0fe616d3 |
| Imphash | a08599a345be82fd3b030fa5c3b87d5b |
| File Size | 1114624 bytes |
Gridinsoft能够识别并消除Spy.Win64.Keylogger.cld,无需进一步的用户干预。
| Image Base: | 0x140000000 |
| Entry Point: | 0x14004b1f8 |
| Compilation: | 2020-09-28 01:46:49 |
| Checksum: | 0x00000000 (Actual: 0x0011406e) |
| OS Version: | 6.0 |
| PDB Path: | C:\Users\epic\source\repos\external\x64\Release\external.pdb |
| PEiD: | PE32+ executable (console) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 7 |
| Imports: | d3d11, D3DCOMPILER_47, WINMM, KERNEL32, USER32, ADVAPI32, IMM32, XINPUT1_4, |
| Exports: | 0 |
| Resources: | 1 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00077fb8 | 0x00078000 | b269bc1358dfa7bec643f1b127cff3ab | 6.57 |
| .rdata | 0x00079000 | 0x0008ffe2 | 0x00090000 | 2ff58a1e2c1863317e2176058da3ef61 | 6.20 |
| .data | 0x00109000 | 0x000047cc | 0x00001600 | 55f33f0b7139667ef2f6621a0cf9d8b8 | 2.92 |
| .pdata | 0x0010e000 | 0x0000522c | 0x00005400 | 59067e23fd3efe8195fb4ded7b92201e | 5.79 |
| _RDATA | 0x00114000 | 0x00000094 | 0x00000200 | da93846c3f9a3fcf99dd5edaee655c3d | 1.46 |
| .rsrc | 0x00115000 | 0x000001e0 | 0x00000200 | da9e8769aa702da1ca0713d6a0336d18 | 4.71 |
| .reloc | 0x00116000 | 0x00000e10 | 0x00001000 | 6c76bba69357747bb32a1043da070b52 | 5.15 |
