Client-built.exe Stealer Keylogger Analysis

Stealer Keylogger
Updated on 2023-11-04 (8 months ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.146.174
DB Version:2023-11-04 04:00:48

Spy.Win32.Keylogger.dd!n

Keylogger is designed to secretly record keystrokes on a computer or mobile device, capturing everything a user types, including sensitive information like passwords and credit card numbers. It can be used by cybercriminals to steal personal and confidential data without the user's knowledge or consent.

FileClient-built.exe
Checked2023-11-04 02:19:42
MD5ad1c7bec12cb9d214c1be9fee1afd7c2
SHA100f8d95b7d81a5338e9c4f27232b554e37897312
SHA2561bef1f3c1a1b7dc4cfe79e467825ebc89ea687543613e05ac9e7d7b21fc68d7d
SHA51263e407fc9ceee12d4ea24c861959a35d9ab18c3e6c31d185b70cf414ac1371be2b80f51f48aab9301082671400d657bed3a2fda7d0939a5f6a7740f937f06403
Imphashf34d5f2d4577ed6d9ceec516c1f5a744
File Size3266048 bytes

Spy.Win32.Keylogger.dd!n Removal

Spy.Win32.Keylogger.dd!n Removal

Gridinsoft has the capability to identify and eliminate Spy.Win32.Keylogger.dd!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Translation0x0000 0x04b0
Comments
CompanyName
FileDescriptionQuasar Client
FileVersion1.4.1
InternalNameClient.exe
LegalCopyrightCopyright © MaxXor 2023
LegalTrademarks
OriginalFilenameClient.exe
ProductNameQuasar
ProductVersion1.4.1
Assembly Version1.4.1.0

Portable Executable Info

Image Base:0x00400000
Entry Point:0x0071e3fe
Compilation:2023-03-12 16:16:39
Checksum:0x00000000 (Actual: 0x00329482)
OS Version:4.0
PEiD:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:3
Imports: mscoree,
Exports: 0
Resources:2

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00002000 0x0031c404 0x0031c600 5997c46e96975caf1fcf2285c8c7a461 6.08
.rsrc 0x00320000 0x00000a93 0x00000c00 cdeae95ac72e9e58017d2bcc89d2fbea 4.65
.reloc 0x00322000 0x0000000c 0x00000200 e7d4f7d5c6a56813a995215f35c1a9ce 0.08

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware