| 在线病毒检测器 | v.1.0.183.174 |
| 数据库版本: | 2024-07-26 08:00:38 |
特洛伊木马Agent是一种恶意软件,伪装成合法的文件或程序,以在受感染的计算机上执行各种有害操作,如数据窃取或网络犯罪分子的远程控制。
| File | Новая папка.exe |
| 已检查 | 2024-07-26 05:52:33 |
| MD5 | 292984f7d3e7347dd83b5e7bbbf74d3d |
| SHA1 | b15367dd00edab36c2cf2d131622c1d4e610ed84 |
| SHA256 | b81cc007f1fe9256403433920fbbe25ac45045313071be4c4e47e9ce5c386d68 |
| SHA512 | 65eeecc829604ed9bf7ee3eddb887d7955060c38467db4d393e57608c57a6aad801523e7ae95b4a93d99b3224cff8773dbdc47be9f8e4c81d7fc6422a741d460 |
| Imphash | fd50eeaa7137498c4740b429b41a482e |
| File Size | 551669 bytes |
Gridinsoft能够识别并消除Trojan.Win32.Agent.vb,无需进一步的用户干预。
| Comments | |
| FileDescription | |
| FileVersion | 0.0.0.0 |
| LegalCopyright | |
| Translation | 0x0809 0x04b0 |
 |
48aab7fda2ff09f59edaaacfb14178a1 bc08d13fa07a1d74d59eaf4b149689be aea2a2a2a2a2aaa2 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x0049b110 |
| Compilation: | 2007-07-11 08:21:32 |
| Checksum: | 0x00000000 (Actual: 0x0008fec0) |
| OS Version: | 4.0 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 3 |
| Imports: | KERNEL32, ADVAPI32, COMCTL32, comdlg32, GDI32, MPR, ole32, OLEAUT32, SHELL32, USER32, VERSION, WINMM, WSOCK32, |
| Exports: | 0 |
| Resources: | 28 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| UPX0 | 0x00001000 | 0x0006a000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| UPX1 | 0x0006b000 | 0x00031000 | 0x00030400 | 7defd61d99512436773b6cda6c19ace8 | 7.93 |
| .rsrc | 0x0009c000 | 0x00037000 | 0x00027600 | e1c110a8563e3c758a2b4dab3ee70996 | 6.85 |
