Online Virus Checker | v.1.0.181.174 |
DB Version: | 2024-07-07 12:00:22 |
Keylogger is designed to secretly record keystrokes on a computer or mobile device, capturing everything a user types, including sensitive information like passwords and credit card numbers. It can be used by cybercriminals to steal personal and confidential data without the user's knowledge or consent.
File | igotboyz-excutor.exe |
Checked | 2024-07-07 09:52:00 |
MD5 | 80999a2521098e28bf828a97ce88fae3 |
SHA1 | 78f5fcb698c20814acca7c0293d8bb49ec835a0a |
SHA256 | 16f83bb73d4c2292db03b8c58d862c9e6962f62883d46bb0f07efe8f416fb3d8 |
SHA512 | faa8d3661d756464aa95042d05ccf87ab54c9c70c48f8e254069d1744a51acfbea00ace9b9013c0baa66ffac06e78b7ca0ef9719eddf7f504ea4f3f302db2cd2 |
Imphash | 2ac23c52e7647c5bbea38e98bb68c652 |
File Size | 30645545 bytes |
Gridinsoft has the capability to identify and eliminate Spy.Win64.Keylogger.oa!s1 without requiring further user intervention.
CompanyName | Microsoft Corporation |
FileDescription | Certificate Enrollment Control |
FileVersion | 10.0.22621.1 (WinBuild.160101.0800) |
InternalName | EnrollComServer.exe |
LegalCopyright | © Microsoft Corporation. All rights reserved. |
OriginalFilename | EnrollComServer.exe |
ProductName | Microsoft® Windows® Operating System |
ProductVersion | 10.0.22621.1 |
Translation | 0x0409 0x04b0 |
Image Base: | 0x140000000 |
Entry Point: | 0x14000be20 |
Compilation: | 2024-07-07 09:31:40 |
Checksum: | 0x01d3c9d4 (Actual: 0x01d4218d) |
OS Version: | 5.2 |
PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
Sign: | The expected hash does not match the digest in SpcInfo |
Sections: | 6 |
Imports: | USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32, |
Exports: | 0 |
Resources: | 2 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00028f60 | 0x00029000 | de5b7deeb13436557c4ba84aa3d5b3fb | 6.48 |
.rdata | 0x0002a000 | 0x00012510 | 0x00012600 | c70d84ef2564bfb36d72e5baf83dfcab | 5.76 |
.data | 0x0003d000 | 0x000073c8 | 0x00000e00 | 8013c58834a08435a779ff436ff10eb7 | 1.83 |
.pdata | 0x00045000 | 0x000021c0 | 0x00002200 | d16e38966953c987eb484ac72e115d6c | 5.43 |
.rsrc | 0x00048000 | 0x0000096c | 0x00000a00 | afeccc829fe506612a7c9815183670f7 | 5.07 |
.reloc | 0x00049000 | 0x00000768 | 0x00000800 | be4464056c7d34453c1e26c7294816ee | 5.28 |