| 在线病毒检测器 | v.1.0.179.174 |
| 数据库版本: | 2024-06-13 16:00:39 |
键盘记录器被设计为在计算机或移动设备上秘密记录按键,捕获用户输入的一切内容,包括敏感信息如密码和信用卡号码。它可以被网络犯罪分子用来在用户不知情或未经同意的情况下窃取个人和机密数据。
| File | monroe.exe |
| 已检查 | 2024-06-13 13:33:10 |
| MD5 | c62105cb21fbfe261bfc864cfa23c20e |
| SHA1 | 819cfb5ad909f69b26b7a8470b5181b303d3536f |
| SHA256 | 4f5164724a7050a9fa5f656aae4f54230859cf4360e0f07a0c4624cf16311495 |
| SHA512 | 1eb6aebd6e8ccaa131fd5ce0fc2609d3f43283cde7d60bda68388d84bca02307abbbe4c2ee5d44c7521c288b9812310ec7eec100ca15077eecd4a7c00f1ecb7a |
| Imphash | 2ac23c52e7647c5bbea38e98bb68c652 |
| File Size | 23431694 bytes |
Gridinsoft能够识别并消除Spy.Win64.Keylogger.oa!s1,无需进一步的用户干预。
 |
aa37f6011c794f6b579a56ec42aade01 fc946ff75f49a8f370ae5d1ffc9ded9e 074948242c0b864e |
| Image Base: | 0x140000000 |
| Entry Point: | 0x14000be20 |
| Compilation: | 2024-06-12 22:29:16 |
| Checksum: | 0x01660edc (Actual: 0x01660edc) |
| OS Version: | 5.2 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32, |
| Exports: | 0 |
| Resources: | 3 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00028f60 | 0x00029000 | de5b7deeb13436557c4ba84aa3d5b3fb | 6.48 |
| .rdata | 0x0002a000 | 0x00012510 | 0x00012600 | 42ac678994d6e23a9387d1462bb21caa | 5.76 |
| .data | 0x0003d000 | 0x000073c8 | 0x00000e00 | 8013c58834a08435a779ff436ff10eb7 | 1.83 |
| .pdata | 0x00045000 | 0x000021c0 | 0x00002200 | d16e38966953c987eb484ac72e115d6c | 5.43 |
| .rsrc | 0x00048000 | 0x00001634 | 0x00001800 | 651840787a33388ad6a76381d650918d | 6.38 |
| .reloc | 0x0004a000 | 0x00000768 | 0x00000800 | be4464056c7d34453c1e26c7294816ee | 5.28 |
