在线病毒检测器 | v.1.0.182.174 |
数据库版本: | 2024-07-16 14:00:17 |
Wacatac是一种属于计算机病毒广泛类别的恶意软件。它以其恶意功能而闻名,包括数据窃取、系统妥协和在受感染系统上执行勒索软件等附加恶意负载。
File | PowerISO.v8.4.exe |
已检查 | 2024-07-16 11:26:11 |
MD5 | d09534a4178c41067562b80bf9098489 |
SHA1 | bc5c96578ba9dadf157ff1e06419e1bae23273e4 |
SHA256 | ba7ed53839bfb596dda7e4aef8e5721fe6196eccbb8cde9a2c83bd3f8e9ce091 |
SHA512 | e0e0cd5f4fa8fa12a7c63420a14250ca95246c576174e753b360b29b14e2e7416813d3608eda6eaae0afd7020961f04ba1f4b8e0741302e0fa2f40b2fc0b0414 |
Imphash | 24f4223e271413c25abad52fd456a9bc |
File Size | 9457615 bytes |
Gridinsoft能够识别并消除Ransom.Win32.Wacatac.cld,无需进一步的用户干预。
Comments | |
CompanyName | Power Software Ltd |
FileDescription | PowerISO v8.4 |
FileVersion | 8.4.0.0 |
LegalCopyright | © Power Software Ltd |
ProductName | PowerISO v8.4 |
Translation | 0x0419 0x04e3 |
7bebfcd5f6a2d91d6ca56ca62606dc37 bf33cf26010651298db60d32faac6efb 71f0f0ccccf0f071 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x0040350d |
Compilation: | 2019-12-16 00:54:10 |
Checksum: | 0x00000000 (Actual: 0x009098b4) |
OS Version: | 4.0 |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 5 |
Imports: | KERNEL32, USER32, GDI32, SHELL32, ADVAPI32, COMCTL32, ole32, |
Exports: | 0 |
Resources: | 17 |
名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0000647b | 0x00006600 | 666009bcc881dfa69c2598261539c74e | 6.42 |
.rdata | 0x00008000 | 0x00001384 | 0x00001400 | c0b38cbc803107c82ebed5a1c15c1ffa | 5.14 |
.data | 0x0000a000 | 0x00066358 | 0x00000600 | 8ba920d3411caa9695a5cbe62f73d325 | 4.00 |
.ndata | 0x00071000 | 0x0008c000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.rsrc | 0x000fd000 | 0x00025ca8 | 0x00025e00 | 00ea1b7799620c0255b1ebbae91747d5 | 5.68 |