在线病毒检测器 | v.1.0.188.174 |
数据库版本: | 2024-09-17 20:07:06 |
“Heur”代表“启发式”,这意味着我们使用一组规则、算法或行为分析来检测潜在的威胁,这些威胁可能没有特定的已知签名。这是一种主动的方法,用于识别可能表示特洛伊木马或其他恶意软件存在的可疑行为或代码模式。该文件的行为或特征触发了启发式分析,可能是恶意的迹象。然而,并不一定意味着该文件确实是特洛伊木马。它也可能是误报,即合法程序展示出类似恶意活动的行为。
File | FExportView.dll |
已检查 | 2024-09-17 18:04:11 |
MD5 | e62353b78dbcd396a293c0dc91ad830c |
SHA1 | 8ab01a99270ab82171b434153882237e11996128 |
SHA256 | 4fc034de654c52075208b6ddc394e6605f9ba1f100b49454751c671b8a9eb175 |
SHA512 | dfa9b55d392eb787f60de8aea76801d53e39cb6a89c1506354873df53f7e61f5a11b173f7e89d22c996886f88f3830c61bfa3cc1a91fc27ae401cba3503b43a6 |
Imphash | 48b36fe258d5b66a2fce82e90d1cfba1 |
File Size | 7155200 bytes |
Gridinsoft能够识别并消除Trojan.Heur!.02290022,无需进一步的用户干预。
CompanyName | Wondershare |
FileDescription | FExportView |
FileVersion | 13, 6, 4, 8382 |
InternalName | FExportView |
LegalCopyright | Copyright (c) 2020-2024 Wondershare. All rights reserved. |
OriginalFilename | FExportView |
ProductName | FExportView |
ProductVersion | 13.6.4.8382 |
Translation | 0x0804 0x04b0 |
a4c09c4859e5ebf0c25d5741e4dcf096 f3a8cd694b22d7e9f267a395d00d9ba9 c69a727219ccb2b2 |
|
Image Base: | 0x180000000 |
Entry Point: | 0x180c03091 |
Compilation: | 2024-07-22 14:35:55 |
Checksum: | 0x006d953f (Actual: 0x006d953f) |
OS Version: | 6.0 |
PEiD: | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 9 |
Imports: | Qt5Gui, Qt5Xml, FCommonView, FFCloudDisk, WsAP-FilmoraX, Qt5Core, FCore, FFIPC, FFAppSettings, FUserGuide, FFAppLicense, FFWsAP, FFVBLModel, FFWidgets, FFFilmoraCore, FFCore, KERNEL32, USER32, ole32, OLEAUT32, MSVCP140, VCRUNTIME140, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-math-l1-1-0, |
Exports: | 331 |
Resources: | 12 |
名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
---|---|---|---|---|---|
.text | 0x00001000 | 0x001ed800 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.rdata | 0x001ef000 | 0x00278632 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.data | 0x00468000 | 0x00006b70 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.pdata | 0x0046f000 | 0x00015e10 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.5N80 | 0x00485000 | 0x00261e26 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.5N81 | 0x006e7000 | 0x00004fa0 | 0x00005000 | 8d084ac53a9d2f4523c4cfe1eb4ac31b | 3.50 |
.5N82 | 0x006ec000 | 0x0069d65c | 0x0069d800 | d3232bec1ddc35e46be23f6cd9646826 | 7.92 |
.reloc | 0x00d8a000 | 0x000000ec | 0x00000200 | 28fcaddbb84db12ef1401a43ea1ac400 | 2.12 |
.rsrc | 0x00d8b000 | 0x0002fefd | 0x00030000 | 9c6f4f18499fda7c2291978290ce2d06 | 5.95 |