» vknt.exe
Overview
Analysis
File Details

vknt.exe

The executable vknt.exe has been detected as malware by 17 anti-virus scanners. Accoriding to the detections, this has been classified as a kyelogger which is capable of recoring a user's keystrokes.

File name:

vknt.exe

MD5:

a1b70bd8fca5dc284f9a9506392abd76

SHA-1:

9a2c990829f645fd866ae92a9c19abb49c72ed30

SHA-256:

399d0c380ee10331b96ae67d4b1493ec233cf2c2e6d011a62d43e0ad18b07f6e

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/25/2024 9:26:19 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

TrojanSpy.Montp

7.1.1

AhnLab V3 Security

Trojan/Win32.Patched

2013.05.31

Avira AntiVirus

SPR/Tool.ID

7.11.133.10

AVG

PSW.Generic8

2015.0.3478

Fortinet FortiGate

W32/PWS_y.OE!tr

12/21/2014

F-Prot

W32/Trojan2.MRGU

v6.4.7.1.166

IKARUS anti.virus

Trojan-Spy.Win32.Montp

t3scan.2.0.0.0

K7 AntiVirus

Trojan

13.168780

McAfee

RDN/Generic PWS.y!oe

5600.6909

NANO AntiVirus

Trojan.Win32.KeyLogger.prhoc

0.24.0.52593

Norman

Suspicious_Gen2.SHGEA

11.20141221

nProtect

Trojan/W32.Agent.157184.BL

13.05.30.05

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.21.23

SUPERAntiSpyware

Trojan.Agent/Gen-Spy

10613

Vba32 AntiVirus

TrojanSpy.Montp

3.12.24.3

VIPRE Antivirus

Trojan.Win32.Generic

26682

ViRobot

Trojan.Win32.Generic.157184

2011.4.7.4223

File size:

152.5 KB (156,160 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\vietkey\vknt.exe

File PE Metadata

Compilation timestamp:

12/11/2002 4:53:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.10

CTPH (ssdeep):

3072:hrMhrSvkfbBVRB2k9LUQU/3pKAgtLG2/zfY0H:BMBSMfbBnB2k9LUQU/3pKpB/zf

Entry address:

0x6A80

Entry point:

64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 30, 84, 40, 00, 68, 4C, 7A, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 14, C4, 40, 00, A3, E8, AD, 40, 00, 33, C0, A0, E9, AD, 40, 00, A3, F4, AD, 40, 00, A1, E8, AD, 40, 00, C1, 2D, E8, AD, 40, 00, 10, 25, FF, 00, 00, 00, A3, F0, AD, 40, 00, C1, E0, 08, 03, 05, F4, AD, 40, 00, A3, EC, AD, 40, 00, E8, 7A, 01, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, 7E, 0D, 00, 00, E8, 69, 0D, 00, 00, FF, 15, 3C, C4, 40, 00, A3, 84, BE... 
[+]

Developed / compiled with:

Microsoft Visual C++ v4.2

Code size:

27.5 KB (28,160 bytes)

Remove vknt.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.