| 在线病毒检测器 | v.1.0.191.174 |
| 数据库版本: | 2024-10-02 01:00:32 |
键盘记录器被设计为在计算机或移动设备上秘密记录按键,捕获用户输入的一切内容,包括敏感信息如密码和信用卡号码。它可以被网络犯罪分子用来在用户不知情或未经同意的情况下窃取个人和机密数据。
| File | chroma.exe |
| 已检查 | 2024-10-01 22:10:41 |
| MD5 | 6e5f264cc27fdb6111f4aed27a3a743e |
| SHA1 | c6664c842338b9780b30a5bc55c8f143a39c42b3 |
| SHA256 | ee8e1aaebd5aaa782e40df6983a2185dcb10f747cafb850be6b9558a3aad9dac |
| SHA512 | 7085fcbd9a9da36bc1078e2e7c7b75e9d4c71a04e65979c9920ae9d01df774c370749c20867c3914ce73c4ee46fefb395594583d6ac1b4428422c2ab8ed6f410 |
| Imphash | 6011984d7c1f1b97a34d7517a498bff8 |
| File Size | 4003017 bytes |
Gridinsoft能够识别并消除Spy.Win32.Keylogger.cl,无需进一步的用户干预。
 |
3bcd2eee63d2b50edd16f91c27752049 f8aaa158a1577a4ff3ff1f0df830939c 0d1c0d57556d8d75 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00401290 |
| Compilation: | 2018-05-14 15:17:06 |
| Checksum: | 0x003db49a (Actual: 0x003db49a) |
| OS Version: | 4.0 |
| PEiD: | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | ADVAPI32, KERNEL32, msvcrt, SHELL32, USER32, |
| Exports: | 0 |
| Resources: | 21 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00006080 | 0x00006200 | 7a3818cabc9cf80103d368f58fbe48cf | 5.98 |
| .data | 0x00008000 | 0x00000040 | 0x00000200 | 3d4489f93d799c2f1cd6cbf1959b8bcf | 0.16 |
| .rdata | 0x00009000 | 0x00000510 | 0x00000600 | 0ba33aaa7c8de2d9ce0b1ff96bd9e64a | 5.01 |
| .bss | 0x0000a000 | 0x00008e30 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .idata | 0x00013000 | 0x00000aa8 | 0x00000c00 | ef152b96063582fc8f2bd1e1fd8a5e6f | 4.65 |
| .rsrc | 0x00014000 | 0x0001acca | 0x0001ae00 | 515dc9e95034a8c02073fc87d01fce55 | 3.92 |
