| 文件名 | FL64.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.228.174 |
| 数据库版本 | 2025-11-05 01:00:21 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
8f191f904ea33357d2c2fea1d982962b
|
|
| SHA1 |
fa15d806e47f4deb9dcd2124bd5294bc9c162a01
|
|
| SHA256 |
273ecdc1c2421628402b0e69ec927fda2d110fd2e7d55c2ffcd3a6c14cf78e8f
|
|
| SHA512 |
33fc31f6377fcb515beb9576eebce807737dffba543a2183c419b9cd18b280a7bcc22e1c06bdf2c78983de2bc827228395bcaaee4891641662336c47aa630102
|
|
| ImpHash |
7e349b0a67568cd36fe2ab14fd814c8b
|
| 图标 |
哈希: 0ae26ef28b4d6932e1e5c1be6e312dfe
模糊: 65c101bdf2d311ed3fbfd74fba495bcb dHash: f8f87879793998e8 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140030e44 |
| 编译时间 | 2025-09-22 07:46:52 |
| 校验和 | 0x0011e75f (实际: 0x0011eb5d) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 数字签名 | Chain verification from CN=Image Line (serial:-134698403968793511265905581838736896500, sha1:bbc705d3179ba1cdde5afb573345260b0fb6d31c) failed: The X.509 certificate provided is self-signed - "Common Name: Image Line" |
| 导入 |
5 库
KERNEL32, USER32, ADVAPI32, WINTRUST, CRYPT32 |
| 导出 | 2 函数 |
| 资源 | 16 资源 |
| 节 | 10 节 |
| CompanyName | Image-Line |
| FileDescription | FL Studio |
| FileVersion | 25.1.6.4997 |
| InternalName | FL |
| LegalCopyright | Copyright © 1998-2025 by Image-Line. All rights reserved. |
| OriginalFilename | FL.exe |
| ProductName | FL Studio |
| ProductVersion | 25.1.6.4997 |
| Translation | 0x0009 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
361,328 bytes | 361,472 bytes | 6.52 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
33D8703DDD89AFC26C4DAFDAC03F078C |
.rdata |
0x0005a000 |
95,242 bytes | 95,744 bytes | 5.16 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A8CC6BC32C615E9B598FE09B216128FF |
.data |
0x00072000 |
78,596 bytes | 7,168 bytes | 3.60 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
525C69B9B00DE3D1A8186420C9537D9D |
.pdata |
0x00086000 |
13,392 bytes | 13,824 bytes | 5.58 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9702A612B20C56B089F71208E656D16D |
_RDATA |
0x0008a000 |
244 bytes | 512 bytes | 2.44 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F6183F961608AC4391D214255BFB23AA |
.rsrc |
0x0008b000 |
103,184 bytes | 103,424 bytes | 7.13 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E67F51425B57D84D829A0F6722507D72 |
.reloc |
0x000a5000 |
3,236 bytes | 3,584 bytes | 5.27 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
D9D90527C715377C40653477C4D0C3D3 |
.avm0 |
0x000a6000 |
401,611 bytes | 401,920 bytes | 6.12 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
F7EA9F3FDC0715C1804AAC639A80A58E |
.avm1 |
0x00109000 |
120,527 bytes | 120,832 bytes | 6.12 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
5575962F752503572079AD5718041378 |
.idata |
0x00127000 |
3,584 bytes | 3,584 bytes | 4.66 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
867BB1F48D15EE4F4BEB2C2EFCE6DEAC |
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 13 | 100,055 字节 | |
| RT_GROUP_ICON | 1 | 188 字节 | |
| RT_VERSION | 1 | 752 字节 | |
| RT_MANIFEST | 1 | 1,299 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
Chain verification from CN=Image Line (serial:-134698403968793511265905581838736896500, sha1:bbc705d3179ba1cdde5afb573345260b0fb6d31c) failed: The X.509 certificate provided is self-signed - "Common Name: Image Line"
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
保持无恶意软件:使用 Gridinsoft 反恶意软件 保护您的 PC
Gridinsoft 反恶意软件正是如此——提供强大、用户友好的解决方案,让您安心,并不断更新以应对最新威胁。由网络安全专家设计,它提供实时保护和轻松删除恶意软件。这不仅仅是检测威胁;它是通过不间断的安全来增强您的数字生活。试一试,体验无忧浏览的感觉!
