| 在线病毒检测器 | v.1.0.181.174 |
| 数据库版本: | 2024-07-04 16:00:33 |
此文件需要进行更多的潜在威胁检查。根据可疑指标,我们将很快将其添加到我们的病毒数据库中。
| File | mortemsuck.dll |
| 已检查 | 2024-07-04 13:25:47 |
| 类型 | Win32 DLL |
| 威胁 | Trojan Vmprotect |
| MD5 | 76d0869f111f717120806c6bc9fa4bc8 |
| SHA1 | 3441d2a2a14a2431fbc956216a4c2dad205a276a |
| SHA256 | b0dac6b9c202a2ad01739dbda54f1b8bc75d3afe018163ccea2985d08b1540ba |
| SHA512 | a58a6c1720823b5525403b01b1b8dfce7d8371092627ba1c72675d9500d858d7b81a7b3de6e1c4e2277bcca8ebfaa57fb59b393b0d1f5bc11999839b1bf81a1e |
| Imphash | ca072c85de402ad2ed1f58e0306011a4 |
| File Size | 5720576 bytes |
Gridinsoft反恶意软件具有更强大的病毒扫描引擎。我们建议使用它进行对受感染系统的更精确诊断。这个简要指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
| Image Base: | 0x180000000 |
| Entry Point: | 0x180404c98 |
| Compilation: | 2024-02-25 14:53:34 |
| Checksum: | 0x00000000 (Actual: 0x0057ff83) |
| OS Version: | 6.0 |
| PEiD: | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 9 |
| Imports: | KERNEL32, USER32, GDI32, OPENGL32, WTSAPI32, |
| Exports: | 0 |
| Resources: | 1 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00013d12 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .rdata | 0x00015000 | 0x0000aa1a | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .data | 0x00020000 | 0x00001fd8 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .pdata | 0x00022000 | 0x00001440 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| _RDATA | 0x00024000 | 0x000001f4 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .vmp0 | 0x00025000 | 0x00388582 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .vmp1 | 0x003ae000 | 0x00574064 | 0x00574200 | aeaf942ea16f6151698678fe542a2203 | 7.91 |
| .reloc | 0x00923000 | 0x000000e0 | 0x00000200 | 4cefb2e9e57b5bf6eb1708af13f599ba | 2.11 |
| .rsrc | 0x00924000 | 0x000001d5 | 0x00000200 | 40e5d2addc62a170629dcf7f13ed7e98 | 4.72 |
