| 在线病毒检测器 | v.1.0.179.174 |
| 数据库版本: | 2024-06-11 11:00:23 |
键盘记录器被设计为在计算机或移动设备上秘密记录按键,捕获用户输入的一切内容,包括敏感信息如密码和信用卡号码。它可以被网络犯罪分子用来在用户不知情或未经同意的情况下窃取个人和机密数据。
| File | WP2.exe |
| 已检查 | 2024-06-11 08:29:05 |
| MD5 | 3c3b62d51fd6ae6617b0b8f64308d575 |
| SHA1 | be815a21e3a9ccffbe4a259e02d70435635f859b |
| SHA256 | db6157c3ec4684a02b5d769f0c6109c3e0b9cd2ad70bef3dd01c04b8a1d68907 |
| SHA512 | 1e38842458f87ab847ff5af456bdfdfc7692d00ca861570833c4707f50a1f101d52a8d14d8dbf0ed238849f29e898e490d782d770a56882e2d7a43a77b6cfe25 |
| Imphash | 2ac23c52e7647c5bbea38e98bb68c652 |
| File Size | 64860868 bytes |
Gridinsoft能够识别并消除Spy.Win64.Keylogger.oa!s1,无需进一步的用户干预。
 |
92c34c309134e81744437920bfc88962 0eae228daf12d89ee480dd75a83dc66b e0f09c94c6e3c1e0 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x14000be20 |
| Compilation: | 2024-06-10 19:27:19 |
| Checksum: | 0x03de383a (Actual: 0x03de383a) |
| OS Version: | 5.2 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32, |
| Exports: | 0 |
| Resources: | 3 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00028f60 | 0x00029000 | de5b7deeb13436557c4ba84aa3d5b3fb | 6.48 |
| .rdata | 0x0002a000 | 0x00012510 | 0x00012600 | 7f6e1ded3a068507baa35adb94a4aa66 | 5.76 |
| .data | 0x0003d000 | 0x000073c8 | 0x00000e00 | 8013c58834a08435a779ff436ff10eb7 | 1.83 |
| .pdata | 0x00045000 | 0x000021c0 | 0x00002200 | d16e38966953c987eb484ac72e115d6c | 5.43 |
| .rsrc | 0x00048000 | 0x00010e34 | 0x00011000 | 3a34aa3f2f2a06225217065895a568ea | 6.42 |
| .reloc | 0x00059000 | 0x00000768 | 0x00000800 | be4464056c7d34453c1e26c7294816ee | 5.28 |
