| 在线病毒检测器 | v.1.0.185.174 |
| 数据库版本: | 2024-08-29 15:00:36 |
CoinMiner是一种利用受害者的计算机资源(主要是CPU和RAM)进行加密货币挖掘(例如Monero或Zcash)的恶意软件。此恶意软件通过将开源挖掘工具集成到系统的启动例程中来建立持久性,而不需要用户的同意。高级的加密货币挖掘程序通常采用定时器配置或CPU使用限制等技术,以悄悄运行并避免检测。
| File | psrockola4.exe |
| 已检查 | 2024-08-29 12:30:03 |
| MD5 | ac20c47658b82e7592d22e19b73c140f |
| SHA1 | f0423a6324bba0ec262a26273b0306a08619e935 |
| SHA256 | 7b8aaa6eb1c0466167c01d9ad636475554ee14de43682a96191e20158b592097 |
| SHA512 | b6cea4b3a0255f3df616ac3964daf0d4d22c6484e885a247d4fe9edb0a1108ded11737e22038b11022b1f584312f212f501431cfa3e81386154faf5c1eb7e0aa |
| Imphash | 98f67c550a7da65513e63ffd998f6b2e |
| File Size | 1659788 bytes |
Gridinsoft能够识别并消除Trojan.Win32.CoinMiner.vl!n,无需进一步的用户干预。
| Translation | 0x0409 0x04b0 |
| CompanyName | Microsoft |
| ProductName | Win |
| FileVersion | 1.00 |
| ProductVersion | 1.00 |
| InternalName | Win |
| OriginalFilename | Win.exe |
 |
7099d3367bdacf3cb9b6e592d970caa7 ac6791639053597d38292d8c2a3d8c77 b8f8f0c4ccec7818 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00403670 |
| Compilation: | 2011-06-14 19:01:16 |
| Checksum: | 0x00000000 (Actual: 0x0019df27) |
| OS Version: | 4.0 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 3 |
| Imports: | MSVBVM60, |
| Exports: | 0 |
| Resources: | 3 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0002a728 | 0x0002b000 | 6210496901feb00875f86dccc0b63585 | 5.96 |
| .data | 0x0002c000 | 0x00001b74 | 0x00001000 | 620f0b67a91f7f74151bc5be745b7110 | 0.00 |
| .rsrc | 0x0002e000 | 0x00013000 | 0x00013000 | dbc2b41fd878e8fe2c76ce0c96b7648d | 7.90 |
