| 在线病毒检测器 | v.1.0.158.174 |
| 数据库版本: | 2024-02-05 08:00:28 |
STOP/Djvu勒索软件,也简称为STOP勒索软件或Djvu勒索软件,是一种恶意软件,它加密受害者计算机上的文件,并要求赎金以解密这些文件。这种勒索软件变种已经活跃了数年,影响了众多用户和组织。
| File | Stupido |
| 已检查 | 2024-02-05 06:48:34 |
| MD5 | faf9bf89fd060a85d2fcc98e9d511a8b |
| SHA1 | 08d256665c3aa89eafa123cfb965c8c1b4b5f5d0 |
| SHA256 | 97cb23085479e9562332ae56eed070d3c9a001518066132ec5d24041336bcf98 |
| SHA512 | 318bb22a79f511421f209f0ee1a8367addfa4c7355f4000bce80b2d18beab450d927c2910eb3f4f2e6f7b5924c623f531eb9c46c80e11123298af721054c4ba1 |
| Imphash | ebe35e0085e613a421d4abea9476d495 |
| File Size | 793088 bytes |
Gridinsoft能够识别并消除Ransom.Win32.STOP.tr,无需进一步的用户干预。
| FileVersion | 67.89.5.53 |
| ProductVersion | 61.55.12.25 |
| InternalName | Stupido |
| LegalCopyright | Silent news |
| CompanyName | Torque |
| Translation | 0x179b 0x02fb |
 |
48ed4901907c6101bbadd0dbada6f794 a601d18453d55868098ac1200c136d7e d2f0e4c4e4f9c6f9 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x004016ff |
| Compilation: | 2023-02-09 18:15:46 |
| Checksum: | 0x000c8b1a (Actual: 0x000c8b1a) |
| OS Version: | 5.1 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 7 |
| Imports: | KERNEL32, USER32, ADVAPI32, |
| Exports: | 0 |
| Resources: | 27 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000ab39e | 0x000ab400 | a2816f7bf4974a67a414947a178ed6ae | 7.92 |
| .rdata | 0x000ad000 | 0x0000360c | 0x00003800 | 191fd17513bf5ad31aee17321515198e | 4.99 |
| .data | 0x000b1000 | 0x00008044 | 0x00002200 | ef3fa80fe4162e0bbd662362e18980fa | 2.13 |
| .lubab | 0x000ba000 | 0x0000007c | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
| .tls | 0x000bb000 | 0x000009cd | 0x00000a00 | a371492f16c0940507435909603efe88 | 0.00 |
| .cimi | 0x000bc000 | 0x00000400 | 0x00000400 | 0f343b0931126a20f133d67c2b018a3b | 0.00 |
| .rsrc | 0x000bd000 | 0x0000f658 | 0x0000f800 | 3263639fe4e76189b15b337e889badd3 | 5.97 |
