| 在线病毒检测器 | v.1.0.179.174 |
| 数据库版本: | 2024-06-21 17:00:30 |
键盘记录器被设计为在计算机或移动设备上秘密记录按键,捕获用户输入的一切内容,包括敏感信息如密码和信用卡号码。它可以被网络犯罪分子用来在用户不知情或未经同意的情况下窃取个人和机密数据。
| File | monroe.exe |
| 已检查 | 2024-06-21 14:09:28 |
| MD5 | 48a1aaaf92d99e5b2b7b57d9fa74101b |
| SHA1 | 2f57aca56805c63e240a103d8a9e6e364aec5a15 |
| SHA256 | 7175808e26ebfbe7c3792ac5c9af7b14ead9278f6b0880260ea31b8a65ec110d |
| SHA512 | 2640c7459b5f1c67e4c6fdc0d2c71d15a7b232c4ee42a2d8473eef91c755191b4550f4f19e0e83ba27cbcc80f811459be5f2cb43439507d9b212b7ed59b7aab8 |
| Imphash | 2ac23c52e7647c5bbea38e98bb68c652 |
| File Size | 33801823 bytes |
Gridinsoft能够识别并消除Spy.Win64.Keylogger.oa!s1,无需进一步的用户干预。
 |
f95ab371eda8bfd9cc07cd5d9d0276bc 2051867c37a4c17c7558c323dc8ce700 b48ac8e4ece8b0fb |
| Image Base: | 0x140000000 |
| Entry Point: | 0x14000be20 |
| Compilation: | 2024-06-21 14:04:39 |
| Checksum: | 0x0204a599 (Actual: 0x0204a599) |
| OS Version: | 5.2 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32, |
| Exports: | 0 |
| Resources: | 11 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00028f60 | 0x00029000 | de5b7deeb13436557c4ba84aa3d5b3fb | 6.48 |
| .rdata | 0x0002a000 | 0x00012510 | 0x00012600 | 8fdee5c4063858f640aa8aee5d1dc9da | 5.76 |
| .data | 0x0003d000 | 0x000073c8 | 0x00000e00 | 8013c58834a08435a779ff436ff10eb7 | 1.83 |
| .pdata | 0x00045000 | 0x000021c0 | 0x00002200 | d16e38966953c987eb484ac72e115d6c | 5.43 |
| .rsrc | 0x00048000 | 0x0002ec08 | 0x0002ee00 | b762dee7b56c0b35b07069638263d056 | 5.43 |
| .reloc | 0x00077000 | 0x00000768 | 0x00000800 | be4464056c7d34453c1e26c7294816ee | 5.28 |
