在线病毒检测器 | v.1.0.181.174 |
数据库版本: | 2024-07-07 00:00:24 |
Wacatac是一种属于计算机病毒广泛类别的恶意软件。它以其恶意功能而闻名,包括数据窃取、系统妥协和在受感染系统上执行勒索软件等附加恶意负载。
File | OneKey.exe |
已检查 | 2024-07-06 21:23:27 |
MD5 | b967a951488268dce91797d12ec4379a |
SHA1 | ca38f04ab266dd756dee6a667e3bfc897d83d065 |
SHA256 | a35c607f410213b4bd119c7faa88fd60717a97bd4c84da11ae515ee320fe5d81 |
SHA512 | a5c23c9d10a8eab75c96cdadaf4e108a6155a7474028a9a4649f35bc3b7c591d482f06a4131e97c94815727900801abbfe95668ff59c7dae7ca6552745b93a29 |
Imphash | 58c41d9c49c748c060398d3909617cc0 |
File Size | 2194944 bytes |
Gridinsoft能够识别并消除Ransom.Win32.Wacatac.sa,无需进一步的用户干预。
CompanyName | AOMEI Tech Co., Ltd. |
FileDescription | AOMEI OneKey |
FileVersion | 1, 7, 1, 0 |
InternalName | AorUi |
LegalCopyright | AOMEI International Network Limited, 2009-2021. |
OriginalFilename | AorUi.exe |
ProductName | AOMEI OneKey |
ProductVersion | 1, 7, 1, 0 |
Translation | 0x0409 0x04b0 |
7969cbdd390f76800af2080c1981c574 ff1328bd31da9240126b8c2f2421c588 b669cc9696cd6996 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x018ec5e7 |
Compilation: | 2021-12-01 01:01:16 |
Checksum: | 0x0021c815 (Actual: 0x0021c815) |
OS Version: | 4.0 |
PEiD: | MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS |
Sign: | The PE file does not contain a certificate table. |
Sections: | 3 |
Imports: | KERNEL32, OkFuncLogic, ntdll, QtCore4, QtGui4, urlmon, Comn, QtNetwork4, RPCRT4, QtWebKit4, USER32, COMDLG32, ADVAPI32, SHELL32, ole32, OLEAUT32, PE, MSVCP80, MSVCR80, WS2_32, WININET, WTSAPI32, VERSION, WINHTTP, |
Exports: | 1 |
Resources: | 11 |
名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
---|---|---|---|---|---|
.MPRESS1 | 0x00001000 | 0x014eb000 | 0x001b1e00 | 154ce6b2b7ec90989e8031759192df78 | 8.00 |
.MPRESS2 | 0x014ec000 | 0x00001151 | 0x00001200 | 8f58ee7f9145231e75b6b970a29acb73 | 6.13 |
.rsrc | 0x014ee000 | 0x00064b78 | 0x00064c00 | 4c93a119f9889f1fc398ddb12b2b78da | 4.33 |