| 文件名 | horny_doctor_deluxe_windows.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
| 扫描器版本 | 1.0.216.174 |
| 数据库版本 | 2025-05-15 06:00:28 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
15603f18c524d925993a268c6a34ab63
|
|
| SHA1 |
51dd491580344fc1a9eeadee70832271e93e81a9
|
|
| SHA256 |
5bcc3f2f2872c8f91e6aa1f70f829a0ae0732bfa96c55ac329f3b1d4b3ec6e67
|
|
| SHA512 |
10d44ccd489ac95ab07482f8248d3cde59072602f54bd72f2ac7c062f32202c9968a9f979ea6392954946bdf6cda1f883aeae145353c51b1c4c771a378c4078d
|
|
| ImpHash |
1b5031dfe417e10aec0a4aac4a2e9c55
|
| 图标 |
哈希: b7b73bec3f63ba1bdd740d35e99e6afa
模糊: 6d7254ba3e1f73d455af60abaa67a27a dHash: 79dacccee6e0d966 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x1400014c0 |
| 编译时间 | 1970-01-01 00:00:00 |
| 校验和 | 0x024594a7 (实际: 0x0242fc73) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 | 18 库 |
| 导出 | 5 函数 |
| 资源 | 9 资源 |
| 节 | 13 节 |
| CompanyName | Strange Girl Studios |
| FileDescription | Horny Doctor Game |
| FileVersion | 0.0.5.0 |
| ProductName | Horny Doctor |
| Licence | MIT |
| LegalCopyright | Strange Girl @ 2025 |
| Info | https://godotengine.org |
| ProductVersion | 0.0.5.0 |
| LegalTrademarks | Strange Girl @ 2025 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
30,822,760 bytes | 30,822,912 bytes | 6.38 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
C7FCE69C6DE8E9270714F28BD37478DF |
.data |
0x01d67000 |
25,600 bytes | 25,600 bytes | 2.45 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
3A2B1AA291AA4A633B81308156D87385 |
.rdata |
0x01d6e000 |
3,704,896 bytes | 3,705,344 bytes | 6.14 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9DC980C02266B8B8CCEF5CA9B1C5817F |
pck |
0x020f7000 |
8 bytes | 512 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BF619EAC0CDF3F68D496EA9344137E8B |
.pdata |
0x020f8000 |
597,180 bytes | 597,504 bytes | 6.96 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
639FDAF239A946A3A42F61CC6794AC2D |
.xdata |
0x0218a000 |
2,354,220 bytes | 2,354,688 bytes | 5.83 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
14DF0EAC57AD82E78342E9B0FCA91B58 |
.bss |
0x023c9000 |
75,600 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.edata |
0x023dc000 |
209 bytes | 512 bytes | 2.81 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
5430DFA1782F822F0FBE4CB34CF178C0 |
.idata |
0x023dd000 |
15,716 bytes | 15,872 bytes | 5.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
13A69DB7CF3E6304716DDCA55BCBC3E2 |
.CRT |
0x023e1000 |
112 bytes | 512 bytes | 0.49 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
7CC22CBEBC2722CDEADFE5A2F8792FF9 |
.tls |
0x023e2000 |
16 bytes | 512 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BF619EAC0CDF3F68D496EA9344137E8B |
.rsrc |
0x023e3000 |
185,052 bytes | 185,344 bytes | 7.32 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
C2F4B57802627ED3911F2AF675DB734E |
.reloc |
0x02411000 |
169,800 bytes | 169,984 bytes | 5.47 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
7A9AF0B57035C2583EB28663D0CB0BB5 |
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 6 | 183,531 字节 | |
| RT_GROUP_ICON | 2 | 180 字节 | |
| RT_VERSION | 1 | 792 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
