» vknt.exe
Overview
Analysis
File Details

vknt.exe

The executable vknt.exe has been detected as malware by 19 anti-virus scanners. Accoriding to the detections, this has been classified as a kyelogger which is capable of recoring a user's keystrokes.

File name:

vknt.exe

MD5:

bec5f3fa9d0860d41e0bedd5bb80ebd4

SHA-1:

5b55d30b0939af3b4b13a0fa9750b3253e7c0bde

SHA-256:

d54630ef7003b77db50a3871e42811ba2fb2c0a04166a656c9ad543a8d78d619

Scanner detections:

19 / 68

Status:

Malware

Analysis date:

5/9/2024 4:14:55 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

TrojanSpy.Montp

7.1.1

AhnLab V3 Security

Trojan/Win32.Patched

2014.11.11

Avira AntiVirus

TR/Offend.6585273

7.11.183.246

Fortinet FortiGate

W32/PWS_y.OE!tr

12/21/2014

F-Prot

W32/Trojan2.MRGU

v6.4.7.1.166

IKARUS anti.virus

Trojan-Spy.Win32.Montp

t3scan.1.8.3.0

K7 AntiVirus

Trojan

13.168780

McAfee

RDN/Generic PWS.y!oe

5600.6909

NANO AntiVirus

Trojan.Win32.KeyLogger.prhoc

0.28.6.62995

Norman

Suspicious_Gen2.SHGEA

11.20141219

nProtect

Trojan/W32.Agent.157184.BL

14.11.10.01

Qihoo 360 Security

Win32/Trojan.fc0

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.21.23

Rising Antivirus

PE:Trojan.Win32.Generic.1574DD16!359980310

23.00.65.141217

SUPERAntiSpyware

Trojan.Agent/Gen-Zusy

10167

Vba32 AntiVirus

TrojanSpy.Montp

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

34678

ViRobot

Trojan.Win32.Generic.157184

2011.4.7.4223

Zillya! Antivirus

Trojan.Genome.Win32.16764

2.0.0.1980

File size:

153.5 KB (157,184 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\vietkey\vknt.exe

File PE Metadata

Compilation timestamp:

12/13/2002 2:09:55 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.10

CTPH (ssdeep):

3072:Viplr/0QnyneVB7c6PUQU/3pKAgtLG2/zfY0:kplrc+ynejQ6PUQU/3pKpB/zf

Entry address:

0x6B00

Entry point:

64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 30, 84, 40, 00, 68, CC, 7A, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 14, C4, 40, 00, A3, A8, AE, 40, 00, 33, C0, A0, A9, AE, 40, 00, A3, B4, AE, 40, 00, A1, A8, AE, 40, 00, C1, 2D, A8, AE, 40, 00, 10, 25, FF, 00, 00, 00, A3, B0, AE, 40, 00, C1, E0, 08, 03, 05, B4, AE, 40, 00, A3, AC, AE, 40, 00, E8, 7A, 01, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, 7E, 0D, 00, 00, E8, 69, 0D, 00, 00, FF, 15, 3C, C4, 40, 00, A3, 44, BF... 
[+]

Entropy:

6.0970

Developed / compiled with:

Microsoft Visual C++ v4.2

Code size:

28 KB (28,672 bytes)

Remove vknt.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.