Online Virus Checker | v.1.0.156.174 |
DB Version: | 2024-01-26 08:02:44 |
File | wghost |
Checked | 2024-01-26 06:36:52 |
MD5 | 14dd1425246c3de241f461f3f5a20581 |
SHA1 | 87762e5d73fdec6973c615f68fcb8cb34607bd57 |
SHA256 | 2b68ba7b3c26b6689a43c1c15a9aeba76195ba160d077cca0689704a43088679 |
SHA512 | 25193ae06794824b3064da27928b9becf6cdea6359b30ebbaf22188534204ef2bf2463ba2ea7592e97986ca5dbcc682cf85adab5c21089f91bd771ed9954c65a |
Imphash | 25f79f8164a5955e9239d9f9db08044b |
File Size | 9152664 bytes |
Gridinsoft has the capability to identify and eliminate Risk.CoinMiner.B.vl!yf without requiring further user intervention.
FileVersion | 12.1.1.0 |
FileDescription | wghost |
ProductName | wghost |
ProductVersion | 12.1.1.0 |
CompanyName | wghost |
LegalCopyright | Microsoft Windows Surface |
Comments | wghost |
Translation | 0x0804 0x04b0 |
d33c7600ea95c91d5d51400de64320ec 68b19720b0e44d98f0f7612d60b43bae f1f89a7aeabad8f8 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x0045f495 |
Compilation: | 2023-12-01 08:59:40 |
Checksum: | 0x00000000 (Actual: 0x008be880) |
OS Version: | 4.0 |
PEiD: | MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS |
Sign: | The PE file does not contain a certificate table. |
Sections: | 2 |
Imports: | KERNEL32, iphlpapi, WINMM, WS2_32, USER32, GDI32, WINSPOOL, ADVAPI32, SHELL32, ole32, OLEAUT32, COMCTL32, comdlg32, |
Exports: | 0 |
Resources: | 56 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.MPRESS1 | 0x00001000 | 0x008b2000 | 0x008b0e00 | d9b978c3ee132f1eed6ae7f4fe9cca4a | 6.55 |
.MPRESS2 | 0x008b3000 | 0x000075dc | 0x000075dc | 00f54975eb1fcf677cb934f235220e5c | 5.17 |