| 在线病毒检测器 | v.1.0.171.174 |
| 数据库版本: | 2024-04-09 18:00:35 |
CoinMiner是一种利用受害者的计算机资源(主要是CPU和RAM)进行加密货币挖掘(例如Monero或Zcash)的恶意软件。此恶意软件通过将开源挖掘工具集成到系统的启动例程中来建立持久性,而不需要用户的同意。高级的加密货币挖掘程序通常采用定时器配置或CPU使用限制等技术,以悄悄运行并避免检测。
| File | setup.exe |
| 已检查 | 2024-04-09 15:48:24 |
| MD5 | ecfbf5e8de56fd3303cd0c5a5c67295d |
| SHA1 | 11cbfcb70326e2ed8c0730c4cac1eb7b2607f565 |
| SHA256 | cc0e2956994e20bdcc659dc8c8070e26e4fd8aa4a8a3e6303176aa7b05f5fbec |
| SHA512 | af6756384b4e6db9e1741a78e1ab4d9cc0960066c1a804cc5452d3206ff48f703bde28da07883f3d25008a56a8df5dc02211d85258599a4ba599f593967694df |
| Imphash | 483f0c4259a9148c34961abbda6146c1 |
| File Size | 3816387 bytes |
Gridinsoft能够识别并消除Trojan.Win32.CoinMiner.dd!n,无需进一步的用户干预。
| Comments | This installation was built with Inno Setup. |
| CompanyName | |
| FileDescription | Grand Theft Auto IV Setup |
| FileVersion | |
| LegalCopyright | |
| ProductName | Grand Theft Auto IV |
| ProductVersion | |
| Translation | 0x0000 0x04b0 |
 |
9baae78e54a6b6ece546dc74b32e8cfe c6d1ff89b08ca9dcc615745a99c68c49 0015696b3b133300 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00416478 |
| Compilation: | 2012-10-02 05:04:04 |
| Checksum: | 0x00000000 (Actual: 0x003a5620) |
| OS Version: | 5.0 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 8 |
| Imports: | oleaut32, advapi32, user32, kernel32, comctl32, |
| Exports: | 0 |
| Resources: | 20 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000143f8 | 0x00014400 | 345db2b6911addc85b53f32245f969a0 | 6.48 |
| .itext | 0x00016000 | 0x00000be8 | 0x00000c00 | 2e74d968caedeb2d71b9505530d43907 | 6.02 |
| .data | 0x00017000 | 0x00000d9c | 0x00000e00 | d5b22eff9e08edaa95f493c1a71158c0 | 2.67 |
| .bss | 0x00018000 | 0x00005750 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .idata | 0x0001e000 | 0x00000f9e | 0x00001000 | b47eaca4c149ee829de76a342b5560d5 | 4.97 |
| .tls | 0x0001f000 | 0x00000008 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .rdata | 0x00020000 | 0x00000018 | 0x00000200 | 3746f5876803f8f30db5bb2deb8772ae | 0.19 |
| .rsrc | 0x00021000 | 0x000108f4 | 0x00010a00 | ec2a7eb2e92f5818418a382d3ba08f8b | 6.10 |
