| 在线病毒检测器 | v.1.0.180.174 |
| 数据库版本: | 2024-06-26 04:00:26 |
特洛伊木马Agent是一种恶意软件,伪装成合法的文件或程序,以在受感染的计算机上执行各种有害操作,如数据窃取或网络犯罪分子的远程控制。
| File | kn.exe |
| 已检查 | 2024-06-26 01:22:34 |
| MD5 | 88f27456260a846b7409faefebe7a7aa |
| SHA1 | 7be65f33227d858b55ed3b131931a900973c9fef |
| SHA256 | 7d2982eac1e9ea52b24ad75976fa28e5fbe271d70dc2079b22fa458a2cdb71d1 |
| SHA512 | c45a9ceca0a922bdb23093c12cbda0931608e55fd9025c1f03dc0313b8ab56d4141128220c5d2f9635510f6aa90af800176b5a15d19ab61229afbf1c43cb1df8 |
| Imphash | 6ed4f5f04d62b18d96b26d6db7c18840 |
| File Size | 484352 bytes |
Gridinsoft能够识别并消除Trojan.Win32.Agent.cld,无需进一步的用户干预。
| Image Base: | 0x00400000 |
| Entry Point: | 0x00587420 |
| Compilation: | 1970-01-01 00:00:00 |
| Checksum: | 0x00000000 (Actual: 0x0007a661) |
| OS Version: | 6.1 |
| PEiD: | PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 3 |
| Imports: | KERNEL32, |
| Exports: | 0 |
| Resources: | 0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00111000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .data | 0x00112000 | 0x00076000 | 0x00076000 | 49a6b675575c438319ac013f13b67b02 | 8.00 |
| .rdata | 0x00188000 | 0x00001000 | 0x00000200 | 071e87e661c684de41f0d9e3f0f65cec | 1.55 |
