Client-built.exe Stealer Keylogger Analysis

Stealer Keylogger
Updated on 2023-11-04 (10 months ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.146.174
DB Version:2023-11-04 04:00:48

Spy.Win32.Keylogger.dd!n

Keylogger is designed to secretly record keystrokes on a computer or mobile device, capturing everything a user types, including sensitive information like passwords and credit card numbers. It can be used by cybercriminals to steal personal and confidential data without the user's knowledge or consent.

FileClient-built.exe
Checked2023-11-04 02:19:42
MD5ad1c7bec12cb9d214c1be9fee1afd7c2
SHA100f8d95b7d81a5338e9c4f27232b554e37897312
SHA2561bef1f3c1a1b7dc4cfe79e467825ebc89ea687543613e05ac9e7d7b21fc68d7d
SHA51263e407fc9ceee12d4ea24c861959a35d9ab18c3e6c31d185b70cf414ac1371be2b80f51f48aab9301082671400d657bed3a2fda7d0939a5f6a7740f937f06403
Imphashf34d5f2d4577ed6d9ceec516c1f5a744
File Size3266048 bytes

Spy.Win32.Keylogger.dd!n Removal

Spy.Win32.Keylogger.dd!n Removal

Gridinsoft has the capability to identify and eliminate Spy.Win32.Keylogger.dd!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Translation0x0000 0x04b0
Comments
CompanyName
FileDescriptionQuasar Client
FileVersion1.4.1
InternalNameClient.exe
LegalCopyrightCopyright © MaxXor 2023
LegalTrademarks
OriginalFilenameClient.exe
ProductNameQuasar
ProductVersion1.4.1
Assembly Version1.4.1.0

Portable Executable Info

Image Base:0x00400000
Entry Point:0x0071e3fe
Compilation:2023-03-12 16:16:39
Checksum:0x00000000 (Actual: 0x00329482)
OS Version:4.0
PEiD:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:3
Imports: mscoree,
Exports: 0
Resources:2

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00002000 0x0031c404 0x0031c600 5997c46e96975caf1fcf2285c8c7a461 6.08
.rsrc 0x00320000 0x00000a93 0x00000c00 cdeae95ac72e9e58017d2bcc89d2fbea 4.65
.reloc 0x00322000 0x0000000c 0x00000200 e7d4f7d5c6a56813a995215f35c1a9ce 0.08

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Learn more Download Now
Gridinsoft Anti-Malware