| 文件名 | idGenerator_windows_amd64.exe |
| 文件类型 |
PE32+ executable (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.220.174 |
| 数据库版本 | 2025-07-12 21:00:17 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
533767398c574c090d8919e589c3bd38
|
|
| SHA1 |
0611499325c337d158034e3d590bc5663b3ff1be
|
|
| SHA256 |
11ade3020336f705cbba2f8b22ce457df5d4a4f42dab446425ef439cd19b9b2f
|
|
| SHA512 |
dd555063c45ea1bf956364031b455cbaf564bbd04b950038123b00b987845230c218b9efa3b2448a755edf106f4c25927e8f55ff1c65d639120cdb5f52e0bce4
|
|
| ImpHash |
d42595b695fc008ef2c56aabd8efd68e
|
| 映像基址 | 0x00400000 |
| 入口点 | 0x00470f60 |
| 编译时间 | 1970-01-01 00:00:00 |
| 校验和 | 0x00000000 (实际: 0x0028abbe) |
| 操作系统版本 | 6.1 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
1 库
kernel32 |
| 导出 | 0 函数 |
| 资源 | 0 资源 |
| 节 | 15 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
747,985 bytes | 748,032 bytes | 6.23 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
836E079669D2E6C41EA2199DA9DA07CD |
.rdata |
0x000b8000 |
915,688 bytes | 915,968 bytes | 5.45 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A9C9FBD4B40FBF606E44F60B83B9D7F7 |
.data |
0x00198000 |
360,800 bytes | 61,952 bytes | 3.92 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
ECEBBC127994AC0BF49379E07E9FF09C |
.pdata |
0x001f1000 |
20,628 bytes | 20,992 bytes | 5.23 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
EC601D68E205C2EB44B6C5F63B3FBA07 |
.xdata |
0x001f7000 |
180 bytes | 512 bytes | 1.78 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
5D7E1058EE320E2737908E666B3A7AE5 |
/4 |
0x001f8000 |
331 bytes | 512 bytes | 5.58 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
523EAECD9190DFD8860C76496FE54D39 |
/19 |
0x001f9000 |
172,032 bytes | 172,032 bytes | 7.99 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
8A32713ABACE1823F090E926B82A2980 |
/32 |
0x00223000 |
33,178 bytes | 33,280 bytes | 7.93 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
DE4BC8D5B321132E556C21F90FE7674C |
/46 |
0x0022c000 |
48 bytes | 512 bytes | 0.86 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
40CCA7C46FC713B4F088E5D440CA7931 |
/65 |
0x0022d000 |
321,239 bytes | 321,536 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
06D685AAEA172F0A146B2AC7C95476BF |
/78 |
0x0027c000 |
173,921 bytes | 174,080 bytes | 7.99 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
FC3336121EB894972F3962FBCAE126D7 |
/90 |
0x002a7000 |
64,916 bytes | 65,024 bytes | 7.79 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
78D872C63774D83DE1137381C648EE7B |
.idata |
0x002b7000 |
1,342 bytes | 1,536 bytes | 3.95 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
3D15C09D28AD28CAEA22B2338D46415D |
.reloc |
0x002b8000 |
16,368 bytes | 16,384 bytes | 5.44 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
0EE48FDB1179CD449C71C3507CD9F261 |
.symtab |
0x002bc000 |
115,105 bytes | 115,200 bytes | 5.05 (正常) |
IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
939E307AC928C9EC5DAC856B7EBB81C4 |
5 检测到高熵(≥7.5)的节 - 可能存在打包/加密
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
