| 在线病毒检测器 | v.1.0.193.174 |
| 数据库版本: | 2024-10-19 03:00:50 |
CoinMiner是一种利用受害者的计算机资源(主要是CPU和RAM)进行加密货币挖掘(例如Monero或Zcash)的恶意软件。此恶意软件通过将开源挖掘工具集成到系统的启动例程中来建立持久性,而不需要用户的同意。高级的加密货币挖掘程序通常采用定时器配置或CPU使用限制等技术,以悄悄运行并避免检测。
| File | FL Studio 20 Portable.exe |
| 已检查 | 2024-10-19 00:59:43 |
| MD5 | cf3b541c650d940bf1a60d9178c1f98f |
| SHA1 | 3fb77fcdc6ce786607492f1b556962858e217227 |
| SHA256 | e138a195780a9d12308a70be78d4f796aa0718f5c3017a31f6785382bf56c9f4 |
| SHA512 | 281e6ad9a8f3bea5d15d5ff038e82719ef495710208a62f9a1aef546a0ff58fba52f542345bfda928ef2e665cad533e64c3f99dc88c40fcb2c300a40a9049701 |
| Imphash | affa2f94d00b1c91617b7450de103626 |
| File Size | 4573729 bytes |
Gridinsoft能够识别并消除Trojan.Win64.CoinMiner.dd!s1,无需进一步的用户干预。
 |
0ae26ef28b4d6932e1e5c1be6e312dfe 65c101bdf2d311ed3fbfd74fba495bcb f8f87879793998e8 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x140002cb4 |
| Compilation: | 2018-10-12 09:25:36 |
| Checksum: | 0x00000000 (Actual: 0x00464ddc) |
| OS Version: | 5.2 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | No valid SignedData structure was found. |
| Sections: | 7 |
| Imports: | KERNEL32, |
| Exports: | 0 |
| Resources: | 16 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0000517a | 0x00005200 | 97d04afa98f3958744073fa3755ac90e | 6.19 |
| .data | 0x00007000 | 0x000004a8 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .pdata | 0x00008000 | 0x00000168 | 0x00000200 | b9dbe5eb7530a74cfda3ad8766457ef5 | 2.97 |
| .xcpad | 0x00009000 | 0x00047000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .idata | 0x00050000 | 0x0000049a | 0x00000600 | 61ec5b958c9641c6c7ebc10bc8d34107 | 3.31 |
| .reloc | 0x00051000 | 0x0000001c | 0x00000200 | e9b5a365d6580af2807cc9f60e49f7ac | 0.37 |
| .rsrc | 0x00052000 | 0x000195cc | 0x00019600 | cc0e7920185e7887a159abea2d45d487 | 7.13 |
