| 文件名 | f i v e.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.212.174 |
| 数据库版本 | 2025-04-04 16:00:46 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
601f079bf88ac2735766df4bf4ba46d2
|
|
| SHA1 |
b812a9d8aa779fff77adfa140004a77084f3b067
|
|
| SHA256 |
5a27bb86f5505a701e4301e800d865fff2e2edf0ee3c86c74c6a3488b6d0cda8
|
|
| SHA512 |
4c31e288b912531820b9f786b374532c3a2d41545ab83ed697a10a1bd098356c989ec30f143351c0a0936aaf767f7a1b0d045946eafc8bc13ac812d2e3a720fb
|
|
| ImpHash |
094a2fa69ff2589aaed2c2a0eff7c4b8
|
| 图标 |
哈希: 10fb173b89fe88ac9030ae2d207b89c1
模糊: 3b5d3c7d207e37dceeedd301e35e2e58 dHash: 0000000000000000 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140142190 |
| 编译时间 | 2020-10-04 05:00:00 |
| 校验和 | 0x00209b6a (实际: 0x00200ada) |
| 操作系统版本 | 5.2 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | nw.exe.pdb |
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
3 库
nw_elf, KERNEL32, VERSION |
| 导出 | 2 函数 |
| 资源 | 23 资源 |
| 节 | 12 节 |
| CompanyName | The NW.js Community |
| FileDescription | nwjs |
| FileVersion | 0.54.0 |
| InternalName | nw_exe |
| LegalCopyright | Copyright 2021, The NW.js community and The Chromium Authors. All rights reserved. |
| OriginalFilename | nw.exe |
| ProductName | nwjs |
| ProductVersion | 0.54.0 |
| CompanyShortName | nwjs.io |
| ProductShortName | nwjs |
| LastChange | 62f83a7521ae1f32e563795732dff0c9da1b660d-refs/heads/master@{#812354} |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,521,105 bytes | 1,521,152 bytes | 6.58 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
53C8D295452F1A14134CC94E833D0F5F |
.rdata |
0x00175000 |
302,908 bytes | 303,104 bytes | 5.63 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D33DA385E7BA8429288EA60A40E7CE98 |
.data |
0x001bf000 |
37,936 bytes | 15,360 bytes | 3.34 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
0AA98ED65A96A2AE925432A037700C86 |
.pdata |
0x001c9000 |
55,596 bytes | 55,808 bytes | 6.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
5674A5E9164C0EEADDC03D232905FA3C |
.00cfg |
0x001d7000 |
40 bytes | 512 bytes | 0.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F2BD9CC9431F52E508EDD1FA2F2EDE4C |
.gehcont |
0x001d8000 |
84 bytes | 512 bytes | 0.58 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C2361E1CE85543604FC8F6C97C936BE5 |
.retplne |
0x001d9000 |
24 bytes | 512 bytes | 0.40 (正常) |
0x00000000
|
2523F52E128493F3A56E9683BDE9244C |
.tls |
0x001da000 |
305 bytes | 512 bytes | 0.14 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9EFA43AF7B1FAAE15FFBD428D0485819 |
CPADinfo |
0x001db000 |
56 bytes | 512 bytes | 0.12 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
60D3EA61D541C9BE2E845D2787FB9574 |
_RDATA |
0x001dc000 |
244 bytes | 512 bytes | 2.44 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
115A0792330DBB0133A4A9CD037D24A7 |
.rsrc |
0x001dd000 |
176,052 bytes | 176,128 bytes | 4.08 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
B42D51013C55EEB1B31D83513AAD23BE |
.reloc |
0x00208000 |
8,572 bytes | 8,704 bytes | 5.43 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
62C386B0C21045D71265C374ED2D5209 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| GOOGLEUPDATEAPPLICATIONCOMMANDS | 1 | 4 字节 | |
| RT_ICON | 17 | 172,239 字节 | |
| RT_GROUP_ICON | 3 | 256 字节 | |
| RT_VERSION | 1 | 1,072 字节 | |
| RT_MANIFEST | 1 | 1,068 字节 |
| 产品 | nwjs |
| 描述 | nwjs |
| 文件版本 | 0.54.0 |
| 原始名称 | nw.exe |
| 内部名称 | nw_exe |
| 版权 | Copyright 2021, The NW.js community and The Chromium Authors. All rights reserved. |
✓ 此文件已进行数字签名,证书链已验证。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
