Client-built.exe Stealer Keylogger Analysis

Stealer Keylogger
Updated on 2024-04-29 (26 days ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.173.174
DB Version:2024-04-29 14:00:24

Spy.Win32.Keylogger.dd!n

Keylogger is designed to secretly record keystrokes on a computer or mobile device, capturing everything a user types, including sensitive information like passwords and credit card numbers. It can be used by cybercriminals to steal personal and confidential data without the user's knowledge or consent.

FileClient-built.exe
Checked2024-04-29 14:52:05
MD5eb3e5e3cd42fcc4f0f05218978469e00
SHA1262a0eb08d70b94d7938166e67f85fe6fbbed964
SHA25672a3341ee229d8f6a14437b9329f629d8e1920234251c74409e615ab9139d707
SHA5123bebba0e84be00cacf861622ee2ab4bef7874ebf31e412db0d486cb6f7c3116ae55304a34a710623ad926d4b41c13830898513997a566c6194e0fa728573807b
Imphashf34d5f2d4577ed6d9ceec516c1f5a744
File Size3266048 bytes

Spy.Win32.Keylogger.dd!n Removal

Spy.Win32.Keylogger.dd!n Removal

Gridinsoft has the capability to identify and eliminate Spy.Win32.Keylogger.dd!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Translation0x0000 0x04b0
Comments
CompanyName
FileDescriptionQuasar Client
FileVersion1.4.1
InternalNameClient.exe
LegalCopyrightCopyright © MaxXor 2023
LegalTrademarks
OriginalFilenameClient.exe
ProductNameQuasar
ProductVersion1.4.1
Assembly Version1.4.1.0

Portable Executable Info

Image Base:0x00400000
Entry Point:0x0071e3fe
Compilation:2023-03-12 16:16:39
Checksum:0x00000000 (Actual: 0x00327ff2)
OS Version:4.0
PEiD:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:3
Imports: mscoree,
Exports: 0
Resources:2

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00002000 0x0031c404 0x0031c600 ad267d9708376d70749328fde5a83829 6.08
.rsrc 0x00320000 0x00000a93 0x00000c00 cdeae95ac72e9e58017d2bcc89d2fbea 4.65
.reloc 0x00322000 0x0000000c 0x00000200 e7d4f7d5c6a56813a995215f35c1a9ce 0.08

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware