| 文件名 | ace.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MS CAB-Installer self-extracting archive
|
| 扫描器版本 | 1.0.210.174 |
| 数据库版本 | 2025-03-10 19:00:52 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
3dfa2b4fb5c832990e27492b678690a3
|
|
| SHA1 |
95eb27730cd61bbb06aa39a24cdc56d85b7694ca
|
|
| SHA256 |
341759e96378801c9ca273f5fe8a0defc6f622948c3a1ca15760f19895fb9be7
|
|
| SHA512 |
3b2c8187601e6ea0f0f145943d330ceea9b7e5d15e92999c35d60fddc0408b7afc1a2b76c2053d5ec35a476510ac01aa7dccfb258e24d8a754ff3ed51c7bdbdb
|
|
| ImpHash |
b83464d8132ecd9f810820e192566e15
|
| 图标 |
哈希: e8da5abe9752f0a27e183894c8881ac0
模糊: c5dace78993d50eaedeb05b7c48ce608 dHash: 848c5454baf47474 |
| 映像基址 | 0x01000000 |
| 入口点 | 0x01002723 |
| 编译时间 | 1997-07-15 11:48:12 |
| 校验和 | 0x001119a9 (实际: 0x001119a9) |
| 操作系统版本 | 5.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MS CAB-Installer self-extracting archive
|
| 数字签名 | Chain verification from OU=Microsoft Corporation, CN=Microsoft Corporation, L=Redmond, ST=Washington, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98, OU=VeriSign Commercial Software Publishers CA, O=VeriSign\, Inc., L=Internet (serial:113054657339103270637650726727089002036, sha1:8aa137f5039fe028c926aa5590141968faffe81a) failed: hash_algorithm must be one of "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "raw", not 'md2' |
| 导入 |
6 库
ADVAPI32, KERNEL32, GDI32, USER32, COMCTL32, VERSION |
| 导出 | 0 函数 |
| 资源 | 33 资源 |
| 节 | 3 节 |
| CompanyName | Microsoft Corporation |
| FileDescription | Win32 Cabinet Self-Extractor |
| FileVersion | 4.71.1015.0 |
| InternalName | Wextract |
| LegalCopyright | Copyright (C) Microsoft Corp. 1995 |
| OriginalFilename | WEXTRACT.EXE |
| ProductName | Microsoft(R) Windows NT(R) Operating System |
| ProductVersion | 4.71.1015.0 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
36,424 bytes | 36,864 bytes | 6.48 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
8DC8A136DF5D3ED47AA4273133905998 |
.data |
0x0000a000 |
7,180 bytes | 1,024 bytes | 4.10 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
A8800423228F9A86657C80297A8CE5F0 |
.rsrc |
0x0000c000 |
1,024,000 bytes | 1,022,976 bytes | 7.98 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
1E9C23B0F0ED106550F9D54F0A9FA83A |
1 检测到高熵(≥7.5)的节 - 可能存在打包/加密
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| AVI | 1 | 11,802 字节 | |
| RT_ICON | 2 | 1,040 字节 | |
| RT_DIALOG | 6 | 2,356 字节 | |
| RT_STRING | 8 | 7,854 字节 | |
| RT_RCDATA | 14 | 996,738 字节 | |
| RT_GROUP_ICON | 1 | 34 字节 | |
| RT_VERSION | 1 | 1,000 字节 |
| 产品 | Microsoft(R) Windows NT(R) Operating System |
| 描述 | Win32 Cabinet Self-Extractor |
| 文件版本 | 4.71.1015.0 |
| 原始名称 | WEXTRACT.EXE |
| 签名日期 | 05:42 PM 03/17/2000 (9213 天前) |
| 验证状态 | Signed |
| 签名者 | Microsoft Corporation; VeriSign |
| 副签名者 | VeriSign Time Stamping Service CA SW1; VeriSign Time Stamping CA |
| 内部名称 | Wextract |
| 版权 | Copyright (C) Microsoft Corp. 1995 |
03 C7 8F 37 DB 92 28 DF 3C BB 1A AD 82 FA 67 10FC A4 A5 9F 2C 0F C0 B9 03 98 33 1B 7B 54 54 1D55 0D 88 F5 3F 64 16 D7 0C 73 00 D8 45 92 16 34✓ 此文件已进行数字签名,证书链已验证。
Chain verification from OU=Microsoft Corporation, CN=Microsoft Corporation, L=Redmond, ST=Washington, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98, OU=VeriSign Commercial Software Publishers CA, O=VeriSign\, Inc., L=Internet (serial:113054657339103270637650726727089002036, sha1:8aa137f5039fe028c926aa5590141968faffe81a) failed: hash_algorithm must be one of "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "raw", not 'md2'
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
