Online Virus Checker | v.1.0.172.174 |
DB Version: | 2024-04-25 11:00:38 |
File | DaemonClaw.exe |
Checked | 2024-04-25 08:46:23 |
MD5 | 5c328ec9fc7c16af454a43ff5c68fe30 |
SHA1 | bc4527ed1fd7dc436c362be6f6b5232d043d5f49 |
SHA256 | 8d737c5273782bee9081f555051fc33014afd83cd587c2a257b810626722218b |
SHA512 | 682b92e74b58a408c5ad36edb57b1162676f0b4a775cbba4d04b4aebced6cde5d328c254dd083fe947647822c561c9405138d5e7b70dc1edf7a57fc7e5fe2c84 |
Imphash | f18952a1b4265d767ec0bab410377559 |
File Size | 2312704 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win64.Znyonm.oa!s1 without requiring further user intervention.
CompanyName | The NW.js Community |
FileDescription | nwjs |
FileVersion | 0.85.0 |
InternalName | nw_exe |
LegalCopyright | Copyright 2023, The NW.js community and The Chromium Authors. All rights reserved. |
OriginalFilename | nw.exe |
ProductName | nwjs |
ProductVersion | 0.85.0 |
CompanyShortName | nwjs.io |
ProductShortName | nwjs |
LastChange | 0000000000000000000000000000000000000000-0000000000000000000000000000000000000000 |
Translation | 0x0409 0x04b0 |
c78ea2e284ddc9feb131b0bb9b0335f2 359bb7409f6d66c2043431322b378e73 70f0b23319aecc70 |
|
Image Base: | 0x140000000 |
Entry Point: | 0x1401452c0 |
Compilation: | 2023-05-07 05:00:00 |
Checksum: | 0x00000000 (Actual: 0x0023e7c0) |
OS Version: | 5.2 |
PDB Path: | E:\nw85_sdk_win64\node-webkit\src\outst\nw\initialexe\nw.exe.pdb |
PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 13 |
Imports: | nw_elf, KERNEL32, VERSION, ntdll, |
Exports: | 3 |
Resources: | 62 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0017ec58 | 0x0017ee00 | f7fabd42e741b3786fad91855e2b25cf | 6.54 |
.rdata | 0x00180000 | 0x0003f484 | 0x0003f600 | 5c1b2023a64e7c37da18cd7367a0e9ce | 5.91 |
.data | 0x001c0000 | 0x0000a590 | 0x00004600 | 3f6ae5fdeaee7b2397c655ac64501bd8 | 3.04 |
.pdata | 0x001cb000 | 0x0000eeec | 0x0000f000 | ae937b998ace42c5436031abeda35fa9 | 5.99 |
.gxfg | 0x001da000 | 0x00002e50 | 0x00003000 | 4ec578b1ec89e882afa14560783dd61b | 5.11 |
.retplne | 0x001dd000 | 0x000000a8 | 0x00000200 | 5ecca2c6ea1d296f112e2a3940d7af4a | 1.32 |
.tls | 0x001de000 | 0x00000213 | 0x00000400 | b975bbe1f330b7a699d04cf9e069f382 | 0.21 |
.voltbl | 0x001df000 | 0x00000044 | 0x00000200 | 3e0c0ec85f664161cf947e236f80c926 | 1.14 |
CPADinfo | 0x001e0000 | 0x00000038 | 0x00000200 | 60d3ea61d541c9be2e845d2787fb9574 | 0.12 |
_RDATA | 0x001e1000 | 0x000000f4 | 0x00000200 | 46ba4075596d5633861c2aeeb8156ff3 | 2.45 |
malloc_h | 0x001e2000 | 0x00000130 | 0x00000200 | 1dff7f77a7f6c1cf22e6ef94bb666793 | 4.42 |
.rsrc | 0x001e3000 | 0x0005ca18 | 0x0005cc00 | 59d45fd1b01c3f36c01693dedd4f772e | 4.71 |
.reloc | 0x00240000 | 0x00002140 | 0x00002200 | 12c03c9188df48fe9ad95160a0f6d644 | 5.42 |