| 文件名 | visualcam.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.223.174 |
| 数据库版本 | 2025-08-24 10:00:41 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
8f4ffa6adc4c9cd0da2af39ddf877ef6
|
|
| SHA1 |
1e99a2e92d3ddd0e3ead69e35a67e00810f66ff2
|
|
| SHA256 |
3d9701775b0bc2fdca70b0a0750769151a3969d46de40c1d02df3619e49c7b5b
|
|
| SHA512 |
0eba8f498d7bcf51d88b3c33aea3b1366b67a917d2250bac944072b4ea8434aaa2be3ddae951ee28c1b6d75e0ea13659fe3c90ee2825e8a0b9db45becd48be8d
|
|
| ImpHash |
82eeb5f4f2ca21d99c9c5c8fdab769d7
|
| 图标 |
哈希: bdb27dd80cfb08c4d0db17ecd400be5c
模糊: 182d7c9d8aef42176cebd559904a3dd2 dHash: ccbb4d686a33b3e8 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x1407696f8 |
| 编译时间 | 2019-01-11 20:13:52 |
| 校验和 | 0x00f3d0a2 (实际: 0x00f445c0) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 数字签名 | The expected hash does not match the digest in SpcInfo |
| 导入 | 45 库 |
| 导出 | 1121 函数 |
| 资源 | 864 资源 |
| 节 | 8 节 |
| CompanyName | WISE Software Solutions, Inc. |
| FileDescription | VisualCAM Executable |
| FileVersion | 16.9.69.0 |
| InternalName | VisualCAM |
| LegalCopyright | Copyright © 1989-2018 WISE Software Solutions, Inc. |
| LegalTrademarks | VisualCAM, GerbTool, esiCAM, LaserViaCAM and WiseView are trademarks of WISE Software Solutions, Inc. |
| OriginalFilename | VisualCAM.exe |
| ProductName | WISE Software VisualCAM |
| ProductVersion | 16.9.0.0 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
8,788,476 bytes | 8,788,480 bytes | 6.38 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
9D997E36BEF8A36BC3564F5CF92458CB |
.textidx |
0x00863000 |
1,194,637 bytes | 1,195,008 bytes | 5.50 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
7FECA97959C5DC308FE17C1284AC6BF5 |
.rdata |
0x00987000 |
3,750,974 bytes | 3,751,424 bytes | 5.16 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
64519D9D2C09BD1C68BCFFCD9D245DAF |
.data |
0x00d1b000 |
1,602,604 bytes | 861,184 bytes | 4.82 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
661CC6B2CBB11ECF91D1D3973D21A9C6 |
.pdata |
0x00ea3000 |
452,736 bytes | 453,120 bytes | 6.51 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
CEABDDCC34F77708DEA1B26B9E771730 |
.gfids |
0x00f12000 |
68 bytes | 512 bytes | 0.35 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9C3EF078DFB29C07117F884FD0AC1785 |
.tls |
0x00f13000 |
9 bytes | 512 bytes | 0.02 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
1F354D76203061BFDD5A53DAE48D5435 |
.rsrc |
0x00f14000 |
884,000 bytes | 884,224 bytes | 5.41 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
FC7945B13DBA49A5F3E2EC73ED3079F9 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| AFX_DIALOG_LAYOUT | 30 | 60 字节 | |
| RT_CURSOR | 10 | 3,136 字节 | |
| RT_BITMAP | 71 | 325,880 字节 | |
| RT_ICON | 142 | 150,182 字节 | |
| RT_MENU | 5 | 21,744 字节 | |
| RT_DIALOG | 346 | 271,950 字节 | |
| RT_STRING | 88 | 56,872 字节 | |
| RT_ACCELERATOR | 1 | 48 字节 | |
| RT_GROUP_CURSOR | 7 | 182 字节 | |
| RT_GROUP_ICON | 132 | 2,780 字节 | |
| RT_VERSION | 1 | 1,088 字节 | |
| RT_MANIFEST | 1 | 798 字节 | |
| None | 30 | 5,339 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
The expected hash does not match the digest in SpcInfo
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
