| 文件名 | SynthEyes64.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.231.174 |
| 数据库版本 | 2025-12-14 15:00:19 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
67b8d994275edfcbbc277a2337843716
|
|
| SHA1 |
f3b46e9277e47aefb0634280f44fc487c04f51cb
|
|
| SHA256 |
27e42dd0a27df7e980eede01417bdc955873ca075fb8e2ed2c8306efb2b389bb
|
|
| SHA512 |
247d61f20400f3f8b6b7f558e377ea0948376e814c30d630975236fa8b5d6fcdfdc615304c01e70cb4b706610c5a0318a36bab2ad673727faa1b59220b929ce7
|
|
| ImpHash |
1fc86f97400ba296029045e7b68aea32
|
| 图标 |
哈希: 511f5e07c32e5358db2714a3687f58d7
模糊: d5bf2095a17b6c573ae7c1d945d9df18 dHash: 30e89ab8f8a8d830 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x142927d44 |
| 编译时间 | 2025-07-15 12:36:58 |
| 校验和 | 0x047bc231 (实际: 0x047bc31f) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | C:\Jenkins\workspace\syntheyes_syntheyes-2025.5_win\Skon\bin\SynthEyes64.pdb |
| 数字签名 | The expected hash does not match the digest in SpcInfo |
| 导入 | 36 库 |
| 导出 | 157 函数 |
| 资源 | 241 资源 |
| 节 | 8 节 |
| Comments | Integrating Imagination with Reality(tm) |
| CompanyName | Boris FX, Inc. (https://www.borisfx.com) |
| FileDescription | SynthEyes 2025.5 match-moving system |
| FileVersion | 2025, 7, 3074, 0 |
| InternalName | SynthEyes |
| LegalCopyright | Copyright 2003-2025 |
| LegalTrademarks | SynthEyes(tm), Sizzle(tm) |
| OriginalFilename | SynthEyes64.exe |
| ProductName | https://www.borisfx.com |
| ProductVersion | 2025, 7, 3074, 0 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
45,163,118 bytes | 45,163,520 bytes | 6.43 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
EAD79A12E64D1631730581BA1CD02048 |
.rdata |
0x02b14000 |
14,897,272 bytes | 14,897,664 bytes | 6.49 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
ED2646C7C598BA46DB3E5F84CFF13086 |
.data |
0x0394a000 |
15,073,376 bytes | 12,205,056 bytes | 5.10 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
C0D5F8A65C9FDCF428005C75C58D9F3D |
.pdata |
0x047ab000 |
2,044,608 bytes | 2,044,928 bytes | 7.12 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
60E52E0C04AB3ADF7E357E4DACCD63AF |
.pxrctor |
0x0499f000 |
3,968 bytes | 4,096 bytes | 3.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
0C0A7E061AC4960868588B0AE727CEFA |
CPADinfo |
0x049a0000 |
56 bytes | 512 bytes | 0.12 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
60D3EA61D541C9BE2E845D2787FB9574 |
.rsrc |
0x049a1000 |
667,304 bytes | 667,648 bytes | 4.89 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D28A875D35B621B142FC7DA3F5626410 |
.reloc |
0x04a44000 |
192,860 bytes | 193,024 bytes | 5.53 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
F4AB6073C724749B4C743D983D959FE9 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| AFX_DIALOG_LAYOUT | 49 | 98 字节 | |
| RT_ICON | 45 | 495,590 字节 | |
| RT_MENU | 2 | 35,808 字节 | |
| RT_DIALOG | 124 | 120,342 字节 | |
| RT_GROUP_ICON | 19 | 744 字节 | |
| RT_VERSION | 1 | 1,072 字节 | |
| RT_MANIFEST | 1 | 1,059 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
The expected hash does not match the digest in SpcInfo
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
保持无恶意软件:使用 Gridinsoft 反恶意软件 保护您的 PC
Gridinsoft 反恶意软件正是如此——提供强大、用户友好的解决方案,让您安心,并不断更新以应对最新威胁。由网络安全专家设计,它提供实时保护和轻松删除恶意软件。这不仅仅是检测威胁;它是通过不间断的安全来增强您的数字生活。试一试,体验无忧浏览的感觉!
