| 在线病毒检测器 | v.1.0.138.174 |
| 数据库版本: | 2023-09-14 10:02:20 |
Neshta是一种恶意软件,它收集敏感的系统信息,并有可能传播到可移动存储设备和网络共享。它经常被用于针对金融、消费品、能源和制造等行业的公司的有针对性攻击,对系统安全构成严重威胁,需要立即移除。
| File | Aud |
| 已检查 | 2023-09-14 07:15:03 |
| MD5 | e185fe1f36fb07d6b85a71a20acc58db |
| SHA1 | c32b828888f0bab5485dbb98da1ea1f7b0bcbfef |
| SHA256 | 907ca6d311ca53125aa321e39a288adae25fd45eef884dafe8d88aa9547e9fe9 |
| SHA512 | c1eb972ceaceccbaa0558ad8a988957a7ac5cf6f515dd7b451f38403e86b90df7a473b7830334526da9da893c47c5b07e38461509422e1d11148a4bbfbaeb19a |
| Imphash | 07d7bb1cc7a7a15621fdda29041fa17d |
| File Size | 2068487 bytes |
Gridinsoft能够识别并消除Virus.Win32.Neshta.sa,无需进一步的用户干预。
| DigiCert Trusted Root G4 | DigiCert Inc (US) |
| DigiCert Trusted Root G4 | DigiCert, Inc. (US) |
| DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Chengdu ShanHe Information Technology Co., Ltd. (CN) |
| 验证 | The expected hash does not match the digest in SpcInfo |
| CompanyName | iTop Inc. |
| FileDescription | iTop VPN |
| FileVersion | 5.0.0.4294 |
| InternalName | Aud |
| LegalCopyright | © iTop Inc. All rights reserved. |
| LegalTrademarks | iTop Inc. |
| OriginalFilename | aud.exe |
| ProductName | iTop VPN |
| ProductVersion | 5.0 |
| Comments | iTop Inc. AUpdate |
| Translation | 0x0409 0x04e4 |
 |
6d158d881d3c5f981b514f1a2eebc2c6 00f093ca5233c12c497c0f3fc1557273 8990ae8e9a86ac52 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x0059e9fc |
| Compilation: | 2023-07-05 12:41:05 |
| Checksum: | 0x001f1219 (Actual: 0x001f92e8) |
| OS Version: | 5.0 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | The expected hash does not match the digest in SpcInfo |
| Sections: | 10 |
| Imports: | oleaut32, advapi32, user32, kernel32, msimg32, gdi32, version, ole32, wininet, shell32, comctl32, comdlg32, wsock32, |
| Exports: | 1 |
| Resources: | 46 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0019bc58 | 0x0019be00 | 9886238fd248a0957d856a0bac185fc4 | 6.44 |
| .itext | 0x0019d000 | 0x00003dc0 | 0x00003e00 | ef2ee34337dbe5225c6de4e1756b2334 | 6.34 |
| .data | 0x001a1000 | 0x000141ac | 0x00014200 | 4bb16cb392a4a4ac3d655347a8565353 | 6.29 |
| .bss | 0x001b6000 | 0x00047854 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .idata | 0x001fe000 | 0x0000442c | 0x00004600 | 9e4a1e0e097ab398e4ee101bcbee8229 | 5.21 |
| .edata | 0x00203000 | 0x0000004a | 0x00000200 | 441e776c8a0d6ffba3ab58e1a361ab0e | 0.77 |
| .tls | 0x00204000 | 0x00000250 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .rdata | 0x00205000 | 0x00000018 | 0x00000200 | f20791ae136b61b4daed18a313b13351 | 0.21 |
| .reloc | 0x00206000 | 0x00017fc8 | 0x00018000 | 62a0a2d9e2f012a319594f19b0234c26 | 6.71 |
| .rsrc | 0x0021e000 | 0x00010c00 | 0x00010c00 | 6253f52f0291b92b249fd9e3fb470c4d | 4.54 |
