| 文件名 | chunker (1).exe |
| 文件类型 |
PE32+ executable (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.212.174 |
| 数据库版本 | 2025-04-08 21:01:02 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
8f25fc32676e59b430c373ebc69c240f
|
|
| SHA1 |
62601c6c38223e138919a20f7d619577ac9ead33
|
|
| SHA256 |
6418d1217965c01967444dad3264579dc82119bb7f7beb52e1a521fd28835e35
|
|
| SHA512 |
e6e489b834d61d406eb4e2a65103ce166702e8ef02237e7af7f80c4dc811b44f825f77fb5c00a382dd39c203d4bfe921d52b83333ec5ed338750190b48ca0f37
|
|
| ImpHash |
d42595b695fc008ef2c56aabd8efd68e
|
| 映像基址 | 0x00400000 |
| 入口点 | 0x00478360 |
| 编译时间 | 1970-01-01 00:00:00 |
| 校验和 | 0x00000000 (实际: 0x00ef0612) |
| 操作系统版本 | 6.1 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
1 库
kernel32 |
| 导出 | 0 函数 |
| 资源 | 0 资源 |
| 节 | 15 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
4,707,953 bytes | 4,708,352 bytes | 6.19 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
847A0AF4F3907C35B3A8256789612FEA |
.rdata |
0x0047f000 |
4,740,064 bytes | 4,740,096 bytes | 5.64 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F967666F4D0A033F32351A0545083195 |
.data |
0x00905000 |
1,577,584 bytes | 1,219,072 bytes | 4.71 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
81372AB25F92BBB8A452DAE8507D343A |
.pdata |
0x00a87000 |
94,344 bytes | 94,720 bytes | 5.60 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BDC6C4349992EBB7105D86EDA4DB4DC4 |
.xdata |
0x00a9f000 |
180 bytes | 512 bytes | 1.78 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
4293F548F20B3E21AE4399A42BE35D7E |
/4 |
0x00aa0000 |
331 bytes | 512 bytes | 5.58 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
523EAECD9190DFD8860C76496FE54D39 |
/19 |
0x00aa1000 |
853,693 bytes | 854,016 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
E7D72EF5273847C6FDBEB98B0D785D1B |
/32 |
0x00b72000 |
156,033 bytes | 156,160 bytes | 7.94 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
1B01CC34695D27C0D4381BB7A50F6E4C |
/46 |
0x00b99000 |
101 bytes | 512 bytes | 1.61 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
CAC5B3AE082716A2B63C41AF3D1205B2 |
/65 |
0x00b9a000 |
1,517,179 bytes | 1,517,568 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
81883C28B1D6927C15992B371088D1FB |
/78 |
0x00d0d000 |
1,119,716 bytes | 1,119,744 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
AFE7D4D09CDFA8053F4F71F195A35AAC |
/90 |
0x00e1f000 |
387,755 bytes | 388,096 bytes | 7.85 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
F1CEC115EF7854FEA47D383709852501 |
.idata |
0x00e7e000 |
1,342 bytes | 1,536 bytes | 4.01 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E013134B8AE59669FA243D61A4A07DF3 |
.reloc |
0x00e7f000 |
92,348 bytes | 92,672 bytes | 5.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
1958584CAE8FE58851F23840DFDFE76B |
.symtab |
0x00e96000 |
716,257 bytes | 716,288 bytes | 5.39 (正常) |
IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
1EFC7BEABF48AF7138B299F9694723E1 |
5 检测到高熵(≥7.5)的节 - 可能存在打包/加密
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
