| 文件名 | HiSuiteDownLoader.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.202.174 |
| 数据库版本 | 2025-01-05 11:00:32 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
eac0c522db042eaa0a7d2d3452534e5f
|
|
| SHA1 |
f21975ca5d5f1042eec67df73281d545e21867d6
|
|
| SHA256 |
57c82aa014e11e6fb795da9168db4523c1ff8aa4f94b76c5c10102552d598df4
|
|
| SHA512 |
079eed6cf1dc122bb98299bfed871a767b92b9e0fcf6f83878ec84caf3658e85de40e09714e61520e3c2981770f769cee702b7f250c402c968f2907960bf511c
|
|
| ImpHash |
ffdd3539d89d186d52fc3a5fff369af0
|
| 图标 |
哈希: 794efa8a3ba022675f19c77aafdf361e
模糊: 37a061a87080da2c4ba0737bab00f526 dHash: 71dcbc8cc8f8f871 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x004719ca |
| 编译时间 | 2021-04-23 08:36:13 |
| 校验和 | 0x002c4905 (实际: 0x002c4905) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| PDB 路径 | D:\HISUITE_EMUI\202114191135\windows\tools\HiSuiteDownLoader\Release\HiSuiteDownLoader.pdb |
| 数字签名 | Chain verification from CN=Huawei Technologies Co.\, Ltd., O=Huawei Technologies Co.\, Ltd., L=Shenzhen, ST=Guangdong, C=CN (serial:93150918405858403119876268083733562505, sha1:878ce7c28c8079f0117f65fa5a7742ad017eab9d) failed: The path could not be validated because intermediate certificate 1 expired 2023-12-09 23:59:59Z |
| 导入 | 17 库 |
| 导出 | 0 函数 |
| 资源 | 69 资源 |
| 节 | 5 节 |
| FileDescription | HiSuiteDownLoader Application |
| FileVersion | 1.0.3.9 |
| InternalName | HiSuiteDownLoader |
| LegalCopyright | Copyright (C) 2021 |
| OriginalFilename | HiSuiteDownLoader.EXE |
| ProductName | HiSuiteDownLoader Application |
| ProductVersion | 1.0.3.9 |
| Translation | 0x0804 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,005,842 bytes | 1,006,080 bytes | 6.60 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
E8DECA7434B849F96A92D2020B2D671C |
.rdata |
0x000f7000 |
247,282 bytes | 247,296 bytes | 5.62 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
04402AD7473EE968ACB2CF40D9F3B1FE |
.data |
0x00134000 |
31,880 bytes | 17,408 bytes | 4.55 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BE6AF8402D03DE4F7BAA0883C242FDFC |
.rsrc |
0x0013c000 |
1,521,408 bytes | 1,521,664 bytes | 7.98 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
47886547CF07359BAFC550715ED05276 |
.reloc |
0x002b0000 |
62,852 bytes | 62,976 bytes | 6.65 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
350CAF0A5AD09E3787D672C08666FA40 |
1 检测到高熵(≥7.5)的节 - 可能存在打包/加密
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| PNG | 6 | 126,991 字节 | |
| ZIP | 1 | 1,349,958 字节 | |
| RT_CURSOR | 16 | 4,800 字节 | |
| RT_BITMAP | 2 | 508 字节 | |
| RT_ICON | 10 | 25,552 字节 | |
| RT_DIALOG | 3 | 1,186 字节 | |
| RT_STRING | 13 | 6,826 字节 | |
| RT_GROUP_CURSOR | 15 | 314 字节 | |
| RT_GROUP_ICON | 1 | 146 字节 | |
| RT_VERSION | 1 | 740 字节 | |
| RT_MANIFEST | 1 | 548 字节 |
| 产品 | HiSuiteDownLoader Application |
| 描述 | HiSuiteDownLoader Application |
| 文件版本 | 1.0.3.9 |
| 原始名称 | HiSuiteDownLoader.EXE |
| 验证状态 | A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. |
| 签名者 | Huawei Technologies Co., Ltd.; Symantec Class 3 SHA256 Code Signing CA; VeriSign |
| 内部名称 | HiSuiteDownLoader |
| 版权 | Copyright (C) 2021 |
46 14 36 DD 0D 93 0D D9 3F 21 98 A4 5A 4F 84 893D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A✓ 此文件已进行数字签名,证书链已验证。
Chain verification from CN=Huawei Technologies Co.\, Ltd., O=Huawei Technologies Co.\, Ltd., L=Shenzhen, ST=Guangdong, C=CN (serial:93150918405858403119876268083733562505, sha1:878ce7c28c8079f0117f65fa5a7742ad017eab9d) failed: The path could not be validated because intermediate certificate 1 expired 2023-12-09 23:59:59Z
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
