| 文件名 | DNF.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.231.174 |
| 数据库版本 | 2026-01-05 13:00:34 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
c25841fda15126cb46b2b4e4ceadbc2b
|
|
| SHA1 |
e0380458be3f350a97585ba64b1ea78f716fec1e
|
|
| SHA256 |
22772f28c768f4512a44ad8a228519417653e4309534c5c84de69cc860d8878a
|
|
| SHA512 |
6d81245dcdbf54da5ae7ad51c0fa809486ac7e56a051e811ae009a11946fb5c1183417f5167ddc68891051de0180936f36f9ec81e59cb0097eb982ba9d01f5b1
|
|
| ImpHash |
70d098525c9fff353b8769f8d0c9a2cd
|
| 图标 |
哈希: bd1a84fed8ba4be96e388cf5fe225157
模糊: 62698108436299202e8000205aebebd5 dHash: 6331d16c5ccc8f87 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x013d597a |
| 编译时间 | 2013-06-21 03:48:07 |
| 校验和 | 0x03f0a023 (实际: 0x03f0a023) |
| 操作系统版本 | 5.1 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 | 27 库 |
| 导出 | 0 函数 |
| 资源 | 18 资源 |
| 节 | 19 节 |
| CompanyName | neople |
| FileDescription | Dungeon & Fighter |
| FileVersion | 1.180.2.1 |
| InternalName | DNF |
| LegalCopyright | Copyright (c) - 2005 |
| OriginalFilename | DNF.exe |
| ProductName | Dungeon & Fighter |
| ProductVersion | 1.0.0.0 |
| Translation | 0x0412 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
nsn |
0x00001000 |
18,141,126 bytes | 18,141,126 bytes | 6.66 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9734D367E198453A5BA8A65F49ADBFCA |
nsn |
0x0114e000 |
4,699,548 bytes | 4,699,548 bytes | 6.31 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B7228A563DEF3051D80431559DCCAC69 |
nsn |
0x015ca000 |
3,979,896 bytes | 3,979,896 bytes | 0.35 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
4E9BC8316F98E58BCDB6C6B9B24CD766 |
nsn |
0x01996000 |
206,969 bytes | 206,969 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
0CFE6152D79EA9AD77A37CDDD0D0C1D3 |
nsn |
0x019c9000 |
3,234,608 bytes | 3,234,608 bytes | 7.65 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B2E80DE5FD7D17448BC255909027CB8C |
nsn |
0x01cdf000 |
65,536 bytes | 65,536 bytes | 0.51 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
34648DF11476EC012839FFF33F0FB7A2 |
nsn |
0x01cef000 |
434,176 bytes | 434,176 bytes | 6.45 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
57522E1C0BFFCB307F27470AF51AAAFB |
nsn |
0x01d59000 |
8,278,016 bytes | 8,278,016 bytes | 7.26 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
F58497A7337E65452E34FD5A59B9D08E |
. fO |
0x0253e000 |
3,234,580 bytes | 3,234,580 bytes | 7.93 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
B34582822ACC4480898541011AA065B6 |
nsn |
0x02854000 |
17,050 bytes | 17,050 bytes | 6.57 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41B5F6375E8322CDA4FE67E5F250684 |
nsn |
0x02859000 |
108 bytes | 108 bytes | 4.89 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
433416890276646966A3E31758F69AF1 |
nsn |
0x0285a000 |
17,195,008 bytes | 17,195,008 bytes | 7.57 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B427826EFADA6930FA7B1D40E1F32E76 |
.vmp0 |
0x038c0000 |
53,067 bytes | 53,067 bytes | 6.87 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
DBF3250FB4C1F8FA8D47E5C8F8210340 |
.sjq |
0x038cd000 |
396 bytes | 396 bytes | 7.44 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A14FA18C4A967DFD99DCF9299447889C |
.mackt |
0x038ce000 |
12,288 bytes | 12,288 bytes | 5.54 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
1903A655CEBFF612DB4705777B699120 |
.>+i |
0x038d1000 |
3,234,580 bytes | 3,235,840 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D1E834065C2DE14045A95F85D011FD88 |
.new |
0x03be7000 |
62,812,160 bytes | 4,096 bytes | 0.73 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
7871C34E8E674825CB6D8440D4F12239 |
.54~ |
0x077ce000 |
2,480 bytes | 4,096 bytes | 5.67 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
44BEF72CD9C883B33648AB6E3E034F67 |
.rsrc |
0x077cf000 |
3,234,580 bytes | 3,235,840 bytes | 7.82 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BB9D28421FF9D3182B1E6372FC622A26 |
5 检测到高熵(≥7.5)的节 - 可能存在打包/加密
5 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| FILE | 6 | 2,889,148 字节 | |
| HSH | 6 | 58,247 字节 | |
| RT_ICON | 4 | 285,408 字节 | |
| RT_GROUP_ICON | 1 | 62 字节 | |
| RT_VERSION | 1 | 692 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
保持无恶意软件:使用 Gridinsoft 反恶意软件 保护您的 PC
Gridinsoft 反恶意软件正是如此——提供强大、用户友好的解决方案,让您安心,并不断更新以应对最新威胁。由网络安全专家设计,它提供实时保护和轻松删除恶意软件。这不仅仅是检测威胁;它是通过不间断的安全来增强您的数字生活。试一试,体验无忧浏览的感觉!
