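Online Virus Scanner | v.1.0.181.174 |
Database version: | 2024-07-09 05:00:26 |
Trojan Agent is a type of malware that disguises itself as a legitimate file or program in order to perform various harmful actions on the infected computer, such as data theft or remote control by cybercriminals.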
File | Launcher.exe |
Checked | 2024-07-09 02:39:25 |
MD5 | dd890ad82c90a625066bfe5f10f1665f |
SHA1 | 4f3ff52664b865abbb64c102d77c45cab92db980 |
SHA256 | 4106d666c051a12e8a64c0deab09c2324f479a4dfe43d2fc449c9cb835287a13 |
SHA512 | 0540a08a63f3d1616d75df965d4b78a6c73a044e525075608de26597500f5dc5dbd0b90a6294fc68655e57a905ca63f2fff89804234b5a92d36c21e89d6e952a |
Imphash | ca4ae1e5dcaa1400a15d21fe8a942a86 |
File Size | 22016 bytes |
Gridinsoft can identify and remove Trojan.Win64.Agent.sa without further user intervention.
Image Base: | 0x140000000 |
Entry Point: | 0x140002870 |
Compilation: | 2024-07-08 10:03:29 |
Checksum: | 0x00000000 (Actual: 0x00010464) |
OS Version: | 6.0 |
PDB Path: | E:\Work\Projects\Pipsi\Pipsi-ZZZ\x64\Release\Launcher.pdb |
PEiD: | PE32+ executable (console) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 6 |
Imports: | KERNEL32, USER32, COMDLG32, VCRUNTIME140, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-locale-l1-1-0 |
Exports: | 0 |
Resources: | 1 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0000256c | 0x00002600 | ce31b58fbc41523064e2fce016e4981b | 5.86 |
.rdata | 0x00004000 | 0x000020a6 | 0x00002200 | 778b65e91049d9169ea0d02d59773aba | 4.41 |
.data | 0x00007000 | 0x00000718 | 0x00000200 | 6d40e27a4c43eed2bc6f930094bfef53 | 1.99 |
.pdata | 0x00008000 | 0x000002dc | 0x00000400 | 896c9d38dfe83a8e9c7084d16a229e18 | 3.08 |
.rsrc | 0x00009000 | 0x000001e8 | 0x00000200 | b62c408e2a33a54eed41bd643e2fddee | 4.76 |
.reloc | 0x0000a000 | 0x00000058 | 0x00000200 | 875179acc58d832623dd792539ebba49 | 1.16 |