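Online Virus Scanner | v.1.0.181.174 |
Database version: | 2024-07-01 04:00:21 |
RedLine Stealer is a malicious program designed to steal users' confidential data from browsers, the system, and installed software. It is typically delivered through email attachments or compromised websites. RedLine not only steals sensitive information, it also poses a significant threat by introducing other malware into the victim's operating system. This two-pronged approach makes RedLine a powerful and dangerous cyber threat.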
File | Pass-free-Application SetupFile - (17.1).exe |
Checked | 2024-07-01 01:36:33 |
MD5 | 1da391216cc9aff69749fdac87a879d9 |
SHA1 | e2c2c94da29f9e8bcbab62c44e0747c66ec584db |
SHA256 | acbb409f6fbe45fe6be7346c2d5ef43b86e095b2f63fe83d3edb4d3ca9eb4d7b |
SHA512 | 1338b81cea87a6c62f82f97f2fb4a403f416ccac587c5f3eccf8764a6c9ea742a1d8b1092e1a19e84fde198991c21fcf9f91377b95c56e2e1e89188a11bda97f |
Imphash | 4328f7206db519cd4e82283211d98e83 |
File Size | 5212972 bytes |
Gridinsoft can detect and remove Trojan.Win32.RedLine.mz!n without further user intervention.
Translation | 0x0000 0x04b0 |
Comments | XHP Booster |
CompanyName | |
FileDescription | XHP |
FileVersion | 12.9.1.22 |
InternalName | Sciuroid.exe |
LegalCopyright | XHP Corporation Copyright © 2021 |
LegalTrademarks | |
OriginalFilename | Sciuroid.exe |
ProductName | XHP booster |
ProductVersion | 12.9.1.22 |
Assembly Version | 1.1.21.1 |
ada816cac25348d7b036f9c18922a16f 1baadf36d228b92c847a336cfc91f4d5 42b2b232b3db7a7c |
Image Base: | 0x00400000 |
Entry Point: | 0x00fba000 |
Compilation: | 2058-09-15 10:12:13 |
Checksum: | 0x00500a83 (Actual: 0x004ffc49) |
OS Version: | 4.0 |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The expected hash does not match the digest in SpcInfo |
Sections: | 8 |
Imports: | kernel32, mscoree |
Exports: | 0 |
Resources: | 5 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00002000 | 0x0002e000 | 0x0002d000 | 450a22013556c11cfdb40f8c9463b671 | 6.17 |
(no name) | 0x00030000 | 0x00057d00 | 0x0000a587 | d4dab3466bc898c4e2e4d94938bf3e10 | 7.95 |
(no name) | 0x00088000 | 0x0000000c | 0x0000000f | dabdefa336fd2360080702918a0fc8b0 | 3.77 |
.imports | 0x0008a000 | 0x00002000 | 0x00000400 | e2b83645846e513b1d6cbb3d25fa4ed0 | 0.64 |
.rsrc | 0x0008c000 | 0x0003fc00 | 0x0003fc00 | 37cbecb150cdbcd0014ff74d366e0930 | 4.72 |
.themida | 0x000cc000 | 0x00672000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.boot | 0x0073e000 | 0x0047bc00 | 0x0047bc00 | 87821c556b6156f7f7861045241574bc | 7.95 |
.taggant | 0x00bba000 | 0x00002400 | 0x00002014 | 27ec1d1a4d402e02e2ee2f0f4f5d4570 | 6.84 |