» vknt.exe
Overview
Analysis
File Details

vknt.exe

The executable vknt.exe has been detected as malware by 18 anti-virus scanners. Accoriding to the detections, this has been classified as a kyelogger which is capable of recoring a user's keystrokes.

File name:

vknt.exe

MD5:

22fcca62f3dc36dc025ffdec496d638e

SHA-1:

0a60fe3847ad61fea407549ae2c4e4e9f534f9a8

SHA-256:

333856b83ef17084e9345f3af7a73b0b5fb1f7318bb97a7da24f60f9734e9222

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

4/19/2024 9:18:09 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

TrojanSpy.Montp

7.1.1

AhnLab V3 Security

Trojan/Win32.Patched

14.05.15

Avira AntiVirus

TR/Offend.7003649

7.11.81.212

Fortinet FortiGate

W32/PWS_y.OE!tr

12/21/2014

F-Prot

W32/Trojan2.MRGU

v6.4.7.1.166

IKARUS anti.virus

Trojan-Spy.Win32.Montp

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.168780

McAfee

RDN/Generic PWS.y!oe

5600.6909

NANO AntiVirus

Trojan.Win32.KeyLogger.prhoc

0.28.0.59826

Norman

Suspicious_Gen5.ECR

11.20140515

nProtect

Trojan/W32.Agent.157184.BL

13.05.30.05

Qihoo 360 Security

Malware.QVM06.Gen

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.21.23

SUPERAntiSpyware

Trojan.Agent/Gen-Zusy

10604

Vba32 AntiVirus

TrojanSpy.Montp

3.12.26.0

VIPRE Antivirus

Trojan.Win32.Generic

29230

ViRobot

Trojan.Win32.Generic.157184

2011.4.7.4223

Zillya! Antivirus

Trojan.Genome.Win32.16764

2.0.0.1789

File size:

153.5 KB (157,184 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\vietkey\vknt.exe

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.10

CTPH (ssdeep):

3072:Ziplr/0QnyneVB7c6PUQU/3pKAgtLG2/zfY0:Aplrc+ynejQ6PUQU/3pKpB/zf

Entry address:

0x6B00

Entry point:

64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 30, 84, 40, 00, 68, CC, 7A, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 14, C4, 40, 00, A3, A8, AE, 40, 00, 33, C0, A0, A9, AE, 40, 00, A3, B4, AE, 40, 00, A1, A8, AE, 40, 00, C1, 2D, A8, AE, 40, 00, 10, 25, FF, 00, 00, 00, A3, B0, AE, 40, 00, C1, E0, 08, 03, 05, B4, AE, 40, 00, A3, AC, AE, 40, 00, E8, 7A, 01, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, 7E, 0D, 00, 00, E8, 69, 0D, 00, 00, FF, 15, 3C, C4, 40, 00, A3, 44, BF... 
[+]

Entropy:

6.0969

Developed / compiled with:

Microsoft Visual C++ v4.2

Code size:

28 KB (28,672 bytes)

Remove vknt.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.