| 文件名 | Sad_Satan.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.216.174 |
| 数据库版本 | 2025-05-20 16:00:28 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
5dbd283e1d8176875fad9e1ac55c3d8f
|
|
| SHA1 |
69b9f9f76edfd0313cf742b061f22dc44dbbb22f
|
|
| SHA256 |
44906b6e9015742a43e3cf30beef51642d7e6349d02a86ce12464d8b5639973b
|
|
| SHA512 |
e6454bd17d0d4a14a9198073e62b5755964aa9e556e20363247c6dadfeca99c10a61935f12ad4e8f5af53843ad0f9fde719f01b52340406006fcce40f7a4444c
|
|
| ImpHash |
4634a50ee7a5b71b611a5769d78d3f48
|
| 图标 |
哈希: 10ee5720cc16a2d324deff2015ea1b54
模糊: dbbd6927a1e7c078a6cc4c6dc8f9e2d3 dHash: b000f0f0cccc10cc |
| 映像基址 | 0x140000000 |
| 入口点 | 0x1406948c0 |
| 编译时间 | 2015-03-27 11:14:41 |
| 校验和 | 0x011d6388 (实际: 0x011cf5be) |
| 操作系统版本 | 5.2 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | C:\buildslave\unity\build\build\WindowsStandaloneSupport\Variations\win64_nondevelopment_mono\player_win_x64.pdb |
| 数字签名 | The expected hash does not match the digest in SpcInfo |
| 导入 | 18 库 |
| 导出 | 3230 函数 |
| 资源 | 17 资源 |
| 节 | 10 节 |
| FileVersion | 5.0.1.5910159 |
| ProductVersion | 5.0.1.5910159 |
| Unity Version | 5.0.1f1_5a2e8fe35a68 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
13,730,812 bytes | 13,730,816 bytes | 6.48 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
760B71C2679939A29B1227681ABB6123 |
.rdata |
0x00d1a000 |
2,828,263 bytes | 2,828,288 bytes | 6.01 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
1BB4233321661E2A11537900A726CEF9 |
.data |
0x00fcd000 |
1,490,240 bytes | 649,216 bytes | 4.90 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E4B1E60A95241D457AB127A7EB541211 |
.pdata |
0x01139000 |
690,120 bytes | 690,176 bytes | 6.59 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A2962800D40A79F25EBA90DB41FDAA1E |
text |
0x011e2000 |
12,085 bytes | 12,288 bytes | 5.79 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE
|
C64DCABBF64D9E47253C4ECE82B8518C |
data |
0x011e5000 |
26,452 bytes | 26,624 bytes | 6.40 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
FA1F8E536493B8BFF5CBAE15B1CADA56 |
.trace |
0x011ec000 |
2,888 bytes | 3,072 bytes | 5.83 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D467B12FA754DCE83F9F776B288A5990 |
_RDATA |
0x011ed000 |
4,608 bytes | 4,608 bytes | 3.94 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
15E0F488227DA857A362902FB7C06BFC |
.rsrc |
0x011ef000 |
566,088 bytes | 566,272 bytes | 1.65 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A9302A9BBC56672D5299B1B69EB1335E |
.reloc |
0x0127a000 |
149,656 bytes | 150,016 bytes | 4.34 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
98D51C78C3E467670091D9B03E9410D8 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 9 | 562,568 字节 | |
| RT_DIALOG | 5 | 1,372 字节 | |
| RT_GROUP_ICON | 1 | 132 字节 | |
| RT_VERSION | 1 | 424 字节 | |
| RT_MANIFEST | 1 | 601 字节 |
| 文件版本 | 5.0.1.5910159 |
| 签名日期 | 11:15 AM 03/27/2015 (3870 天前) |
| 验证状态 | The digital signature of the object did not verify. |
| 签名者 | Unity Technologies SF; VeriSign Class 3 Code Signing 2010 CA; VeriSign |
| 副签名者 | Symantec Time Stamping Services Signer - G4; Symantec Time Stamping Services CA - G2; Thawte Timestamping CA |
7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 503D 49 0B A4 19 1C CE 04 95 D6 7C AA 20 64 5F A3✓ 此文件已进行数字签名,证书链已验证。
The expected hash does not match the digest in SpcInfo
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
