| 在线病毒检测器 | v.1.0.183.174 |
| 数据库版本: | 2024-08-01 06:00:30 |
特洛伊木马Agent是一种恶意软件,伪装成合法的文件或程序,以在受感染的计算机上执行各种有害操作,如数据窃取或网络犯罪分子的远程控制。
| File | LT SkinChanger.exe |
| 已检查 | 2024-08-01 04:03:05 |
| MD5 | 2edf4bca814d963ba53d3de64ae8c84c |
| SHA1 | 241facc735208888dc17b32d0e3b255fb49d103c |
| SHA256 | ff054443d86e7e49663fc55217ce38ff0a41d581192df256939c12326c38f7a3 |
| SHA512 | 75bef7f448e5c6058b34caa1a42a295ab36ba238f9c238ed77201edf688440de50ece4f68ee9c831434ddce79f86374892bccebf405da2e8295f4c424f6ea8d4 |
| Imphash | 2ac23c52e7647c5bbea38e98bb68c652 |
| File Size | 1911419 bytes |
Gridinsoft能够识别并消除Trojan.Win64.Agent.sa,无需进一步的用户干预。
 |
8bbaba72009303cec3aceb3c778e6714 f40dbbfcb1eebb4e7f83f7f55d3c33b6 70e0eac89cb6c823 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x14000be20 |
| Compilation: | 2024-06-15 07:04:01 |
| Checksum: | 0x001e0b8d (Actual: 0x001e0b8d) |
| OS Version: | 5.2 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32, |
| Exports: | 0 |
| Resources: | 8 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00028f60 | 0x00029000 | de5b7deeb13436557c4ba84aa3d5b3fb | 6.48 |
| .rdata | 0x0002a000 | 0x00012510 | 0x00012600 | a78a428e3c1648b973c8db56cfe12845 | 5.76 |
| .data | 0x0003d000 | 0x000073c8 | 0x00000e00 | 8013c58834a08435a779ff436ff10eb7 | 1.83 |
| .pdata | 0x00045000 | 0x000021c0 | 0x00002200 | d16e38966953c987eb484ac72e115d6c | 5.43 |
| .rsrc | 0x00048000 | 0x0003ee18 | 0x0003f000 | cc76aa3da24e659b8168d9c5edac5fb9 | 7.61 |
| .reloc | 0x00087000 | 0x00000768 | 0x00000800 | be4464056c7d34453c1e26c7294816ee | 5.28 |
