| 文件名 | WsNativePushService.exe |
| 文件类型 |
PE32+ executable (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.210.174 |
| 数据库版本 | 2025-03-13 01:00:47 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
e8c41129b6610679723d6fa104dd6f4f
|
|
| SHA1 |
1d441a2a7915c0abe24700f87c3393bd7b59d11a
|
|
| SHA256 |
6b27d1f967bd4e33e51227fe9213a73c72350dbd3bc912d5440686076e6b8ed7
|
|
| SHA512 |
cad86cee99f5e411994f1be2833c84832a44f8f44cd8b4eed6c5fed79bedccb13a82c917ab3d207172b583aea2150f14a8bf3fe3a6cd484b9ac7dac8abe52eae
|
|
| ImpHash |
b4182f6f5a1b2abf8e2c547a914dc32f
|
| 映像基址 | 0x140000000 |
| 入口点 | 0x140032924 |
| 编译时间 | 2022-09-17 11:19:50 |
| 校验和 | 0x000c7815 (实际: 0x000c7815) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| PDB 路径 | F:\jenkins\workspace\nativepush\Bin\x64\Release\WsNativePushService.pdb |
| 数字签名 | OK |
| 导入 |
4 库
USERENV, KERNEL32, ADVAPI32, VERSION |
| 导出 | 0 函数 |
| 资源 | 2 资源 |
| 节 | 7 节 |
| CompanyName | Wondershare |
| FileDescription | NativePushService |
| FileVersion | 1.0.0.7 |
| InternalName | NativePushService.exe |
| LegalCopyright | Copyright(c) 2022 Wondershare. All rights reserved. |
| OriginalFilename | NativePushService.exe |
| ProductName | Wondershare NativePush |
| ProductVersion | 1.0.0.7 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
509,632 bytes | 509,952 bytes | 6.48 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
B9B1B6B463B5C93A1760A33D3D797FCA |
.rdata |
0x0007e000 |
174,826 bytes | 175,104 bytes | 4.75 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9B4DF154B53EF28E102B142694F98D29 |
.data |
0x000a9000 |
23,264 bytes | 14,336 bytes | 4.26 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
C4BF05F2BF61C5C3A5F3EEF7DB90120B |
.pdata |
0x000af000 |
25,512 bytes | 25,600 bytes | 5.85 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
7F9068CD230D5A3229FF0747E093BFDD |
_RDATA |
0x000b6000 |
148 bytes | 512 bytes | 1.43 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D9231431FDB115005F429441A98D3FF1 |
.rsrc |
0x000b7000 |
1,384 bytes | 1,536 bytes | 3.87 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F81800D7AC938BC21C0AB764EE7FAB06 |
.reloc |
0x000b8000 |
5,728 bytes | 6,144 bytes | 5.33 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
1A020D3D5AF60E530BBCE5D2E036E996 |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_VERSION | 1 | 832 字节 | |
| RT_MANIFEST | 1 | 392 字节 |
| 产品 | Wondershare NativePush |
| 描述 | NativePushService |
| 文件版本 | 1.0.0.7 |
| 原始名称 | NativePushService.exe |
| 签名日期 | 11:20 AM 09/17/2022 (1078 天前) |
| 验证状态 | Signed |
| 签名者 | Wondershare Technology Group Co.,Ltd; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert |
| 副签名者 | DigiCert Timestamp 2022 - 2; DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA; DigiCert Trusted Root G4; DigiCert |
| 内部名称 | NativePushService.exe |
| 版权 | Copyright(c) 2022 Wondershare. All rights reserved. |
0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D903 CB 34 FD 3D FF 12 11 33 9F F0 7C 4B 21 57 C705 94 A3 F9 DB 53 FB 3C 3C E1 4B 4A 68 BC FD A2✓ 此文件已进行数字签名,证书链已验证。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
