| 在线病毒检测器 | v.1.0.187.174 |
| 数据库版本: | 2024-09-15 16:00:50 |
CoinMiner是一种利用受害者的计算机资源(主要是CPU和RAM)进行加密货币挖掘(例如Monero或Zcash)的恶意软件。此恶意软件通过将开源挖掘工具集成到系统的启动例程中来建立持久性,而不需要用户的同意。高级的加密货币挖掘程序通常采用定时器配置或CPU使用限制等技术,以悄悄运行并避免检测。
| File | hdsentinel_pro_setup.exe |
| 已检查 | 2024-09-15 13:15:48 |
| MD5 | 254d72a9bfbb2d4cf592b7859f8544f2 |
| SHA1 | 1c371d0bd26b246dee21da7d7bbd3d6d585b6415 |
| SHA256 | bc332b649cc348074ecfe0b469410b9cbc70c700a96b8b02aa237076d5d366a6 |
| SHA512 | 7055cd6db535fac1348a0b7020b2607b3e6d600bdd013cbc6c6453375fdee2a5f6e9e02787b4aac46d9aac5ccf22e9e850f159cea82e99d283af7237d7e24417 |
| Imphash | 98f67c550a7da65513e63ffd998f6b2e |
| File Size | 40842399 bytes |
Gridinsoft能够识别并消除Trojan.Win32.CoinMiner.vl!n,无需进一步的用户干预。
| Translation | 0x0409 0x04b0 |
| CompanyName | Microsoft |
| ProductName | Win |
| FileVersion | 1.00 |
| ProductVersion | 1.00 |
| InternalName | Win |
| OriginalFilename | Win.exe |
 |
4b1fefe83f53ea8345f71f9ac77ab039 6203840098a7b7fd30d05465defe66d5 fffefec12545c000 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00403670 |
| Compilation: | 2011-06-14 19:01:16 |
| Checksum: | 0x006a2bff (Actual: 0x026ffc33) |
| OS Version: | 4.0 |
| PEiD: | MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows, MZ for MS-DOS |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 3 |
| Imports: | MSVBVM60, |
| Exports: | 0 |
| Resources: | 3 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0002a728 | 0x0002b000 | 6805a78c569a1d85aabd684522fa4102 | 5.95 |
| .data | 0x0002c000 | 0x00001b74 | 0x00001000 | 620f0b67a91f7f74151bc5be745b7110 | 0.00 |
| .rsrc | 0x0002e000 | 0x00012000 | 0x00001000 | 47d2e6021d770f22124863f447199aa3 | 5.73 |
