| 文件名 | 0252a0532b877e6d06908d6dea31c3683d4c82cabad0ae9d2f9446297aa3267b.bin |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.215.174 |
| 数据库版本 | 2025-04-29 11:00:27 UTC |
恶意软件家族: Patcher
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
fb919774e31f4a14e76f84e73f4994cc
|
|
| SHA1 |
20e46633422b7f1877b667a91c545f7937953f3d
|
|
| SHA256 |
0252a0532b877e6d06908d6dea31c3683d4c82cabad0ae9d2f9446297aa3267b
|
|
| SHA512 |
17ea0f41387c7e910674036fff8ca47188262f0848c613f7d748f1f45e600ce3a5d3e02d0d662a3e53b057be1ef1c4205c9b784630a2f75f25a9baadf4c0e2ab
|
|
| ImpHash |
84149ee299f7de87625baf2d86b7199c
|
| 图标 |
哈希: 51a6edb4a63a1b408b85c093c4bcc75e
模糊: 73c7a1254d535734994db0e97b076f7d dHash: 9672cccccccc7032 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x1403b5990 |
| 编译时间 | 2022-10-16 14:43:19 |
| 校验和 | 0x006a7374 (实际: 0x006a7374) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | AcroTray.pdb |
| 数字签名 | The expected hash does not match the digest in SpcInfo |
| 导入 | 23 库 |
| 导出 | 0 函数 |
| 资源 | 24 资源 |
| 节 | 7 节 |
| Comments | |
| CompanyName | Adobe Systems Inc. |
| FileDescription | AcroTray |
| FileVersion | 22.3.20263.0 |
| InternalName | AcroTray |
| LegalCopyright | Copyright © Adobe Systems Inc. 1992-2022 |
| LegalTrademarks | |
| OriginalFilename | AcroTray.exe |
| PrivateBuild | |
| ProductName | AcroTray - Adobe Acrobat Distiller helper application. |
| ProductVersion | 22.3.20263.0 |
| SpecialBuild | |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
4,598,236 bytes | 4,598,272 bytes | 6.31 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
5FBAF9778D68711C06B8C637E2BC5901 |
.rdata |
0x00464000 |
1,976,152 bytes | 1,976,320 bytes | 5.69 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9492EA5E511567C84D73624BCA8A160A |
.data |
0x00647000 |
158,356 bytes | 114,176 bytes | 3.11 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E2B92CCD84E82788CF948C4B8322B326 |
.pdata |
0x0066e000 |
177,540 bytes | 177,664 bytes | 6.28 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
412C485C80A215E61A676CF8B79B1951 |
_RDATA |
0x0069a000 |
252 bytes | 512 bytes | 2.46 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
92EBECD47F344B144454B51EDD266F3D |
.rsrc |
0x0069b000 |
9,760 bytes | 10,240 bytes | 3.36 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
B21F775DB1B83A1B1EE4CD355A8A9ACA |
.reloc |
0x0069e000 |
68,584 bytes | 68,608 bytes | 5.46 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
E1A8B834B7EC59B2BB2AEA340452775F |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 8 | 4,616 字节 | |
| RT_MENU | 1 | 236 字节 | |
| RT_DIALOG | 1 | 726 字节 | |
| RT_STRING | 6 | 882 字节 | |
| RT_GROUP_ICON | 6 | 148 字节 | |
| RT_VERSION | 1 | 988 字节 | |
| RT_MANIFEST | 1 | 762 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
The expected hash does not match the digest in SpcInfo
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
