| 在线病毒检测器 | v.1.0.179.174 |
| 数据库版本: | 2024-06-16 20:00:26 |
键盘记录器被设计为在计算机或移动设备上秘密记录按键,捕获用户输入的一切内容,包括敏感信息如密码和信用卡号码。它可以被网络犯罪分子用来在用户不知情或未经同意的情况下窃取个人和机密数据。
| File | Dupe by Erofeev.exe |
| 已检查 | 2024-06-16 17:29:51 |
| MD5 | 28dd5673ceb150a9d4051b785ec4a1ab |
| SHA1 | 1421b6b10f9ce887c77be5238b43aeacac36f26d |
| SHA256 | a9056788322943c53f3e0bb1a5a9df71b6915065ec0fb920db1b8a61dc281ed4 |
| SHA512 | 980537d010f49f951d3fd16b8df6efdb309522a2453f3a14a1b70aaedfe2ab21be3802e966651c057a4c8c5658c7513e83f082bfc20bc85aee466f201705b878 |
| Imphash | 2ac23c52e7647c5bbea38e98bb68c652 |
| File Size | 7180691 bytes |
Gridinsoft能够识别并消除Spy.Win64.Keylogger.oa!s1,无需进一步的用户干预。
| CompanyName | Microsoft Corporation |
| FileDescription | File Encryption Utility |
| FileVersion | 10.0.19041.1 (WinBuild.160101.0800) |
| InternalName | cipher |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | CIPHER.EXE |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 10.0.19041.1 |
| Translation | 0x0409 0x04b0 |
 |
c3f4aec44bccec200d60022e400c9574 d54886dd84ccf2e454929c069b5280ee 4779f9c1c8ccf061 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x14000be20 |
| Compilation: | 2024-06-15 14:57:19 |
| Checksum: | 0x006e32c3 (Actual: 0x006dc870) |
| OS Version: | 5.2 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The expected hash does not match the digest in SpcInfo |
| Sections: | 6 |
| Imports: | USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32, |
| Exports: | 0 |
| Resources: | 9 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00028f60 | 0x00029000 | de5b7deeb13436557c4ba84aa3d5b3fb | 6.48 |
| .rdata | 0x0002a000 | 0x00012510 | 0x00012600 | c69fc27da3db6bbb0de534f3f2971d84 | 5.76 |
| .data | 0x0003d000 | 0x000073c8 | 0x00000e00 | 8013c58834a08435a779ff436ff10eb7 | 1.83 |
| .pdata | 0x00045000 | 0x000021c0 | 0x00002200 | d16e38966953c987eb484ac72e115d6c | 5.43 |
| .rsrc | 0x00048000 | 0x00006e44 | 0x00007000 | 1074c9cd4107f4bfa8115c78f7d27cf1 | 7.88 |
| .reloc | 0x0004f000 | 0x00000768 | 0x00000800 | be4464056c7d34453c1e26c7294816ee | 5.28 |
