| 文件名 | HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.220.174 |
| 数据库版本 | 2025-07-16 18:00:26 UTC |
恶意软件家族: Gen
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
3a6da0bdd054d3f1bb0f4667c00dbf77
|
|
| SHA1 |
888a1e905691c8b2b3b4daf556469be493fb10fb
|
|
| SHA256 |
446e83f044b6319c85d16ace8fc63537a0d8b541658a90dae375756495535003
|
|
| SHA512 |
1a384a49b4b5a81f8cf559bb476c57a3f7b73250eb86c625bffaa32a0cd679480076c9aaa49209fa73c79db1bf199724078763c1ecb05e7045911453c57f070a
|
|
| ImpHash |
846ce39cddd11fb3e7c4b19ac27aa6c2
|
| 图标 |
哈希: 5b5c69756305e5b7bcc03412fe64a17c
模糊: a1c738eea59667290c83d00f50a19604 dHash: 70f8fc7a7e2eaaf0 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x1400302c4 |
| 编译时间 | 2023-08-20 12:49:44 |
| 校验和 | 0x00000000 (实际: 0x0013f401) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
10 库
KERNEL32, USER32, ADVAPI32, SHELL32, ole32, OLEAUT32, mscoree, WININET, VERSION, WINMM |
| 导出 | 0 函数 |
| 资源 | 17 资源 |
| 节 | 7 节 |
| CompanyName | 3DMGAME |
| FileDescription | HITMAN 3 v3.10-v3.160 Plus 13 Trainer |
| FileVersion | 1.0.0.1 |
| InternalName | HITMAN 3 v3.10-v3.160 Plus 13 Trainer |
| LegalCopyright | FLiNG Copyright (C) 2023 |
| OriginalFilename | HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe |
| ProductName | HITMAN 3 v3.10-v3.160 Plus 13 Trainer |
| ProductVersion | 1.0.840.2 |
| Translation | 0x0000 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
350,284 bytes | 350,720 bytes | 6.44 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
1A8A4EB429703A566FB31B84382B7CC3 |
.rdata |
0x00057000 |
110,856 bytes | 111,104 bytes | 5.16 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
72EDEEC0F2EB923A19F3FB0E5F9EF883 |
.data |
0x00073000 |
14,636 bytes | 6,144 bytes | 3.17 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
FF6A20CD05BF6DE9132AFCBD38FD0E17 |
.pdata |
0x00077000 |
16,200 bytes | 16,384 bytes | 5.68 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
08674889C14CFFAB8C29432E317EDD52 |
_RDATA |
0x0007b000 |
348 bytes | 512 bytes | 3.33 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
492B5E312CC5BAF2D83D03F664108A71 |
.rsrc |
0x0007c000 |
785,144 bytes | 785,408 bytes | 7.12 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
39380C336F2A7E9E084C40DF86C03818 |
.reloc |
0x0013c000 |
2,768 bytes | 3,072 bytes | 5.25 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
1D7179F734EE8F1A20F93190604477B5 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| COVER | 1 | 43,630 字节 | |
| REMOTE | 2 | 308,228 字节 | |
| UI | 1 | 192,000 字节 | |
| WAVE | 2 | 22,222 字节 | |
| RT_ICON | 8 | 216,276 字节 | |
| RT_GROUP_ICON | 1 | 118 字节 | |
| RT_VERSION | 1 | 916 字节 | |
| RT_MANIFEST | 1 | 653 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
