文件名 | winrar-x64-621ru.exe |
文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
扫描器版本 | 1.0.144.174 |
数据库版本 | 2023-10-31 11:02:56 UTC |
我们的扫描器未检测到威胁
哈希类型 | 值 | 操作 |
---|---|---|
MD5 |
5f966b8d0f33e65b1b07fa304ba592e5
|
|
SHA1 |
c5a3c348ab9b8c98046727aebba4ce2f746e6057
|
|
SHA256 |
74646a5d9f746c4036631bbbb373a9ecfa3cc3a4b911deb71d0e3f1473cb88d6
|
|
SHA512 |
3dc3d00bf29c2c2e3675fc6d2e5887a1dc5aa883bba03b493d5a6b84a1975016588351409945a59f12aec8c434eb09116f5885ba06cd50f62e8625ee48478a9b
|
|
ImpHash |
93b9d508050f74b56e67b9b55c5a60f4
|
图标 |
哈希: d4a9c34f7171828c8adc9c3a0307afb8
模糊: 2ea515c30e1a6ee8ad367944867f72e8 dHash: b233332a6b2ab232 |
映像基址 | 0x140000000 |
入口点 | 0x140025320 |
编译时间 | 2023-02-16 12:31:41 |
校验和 | 0x0039faee (实际: 0x0039faee) |
操作系统版本 | 6.0 |
PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
PDB 路径 | D:\Projects\WinRAR\sfx\setup\build\sfxrar64\Release\sfxrar.pdb |
数字签名 | OK |
导入 |
3 库
KERNEL32, OLEAUT32, gdiplus |
导出 | 0 函数 |
资源 | 25 资源 |
节 | 8 节 |
GlobalSign | GlobalSign nv-sa (BE) |
GlobalSign CodeSigning CA - SHA256 - G3 | win.rar GmbH (DE) |
DigiCert Assured ID Root CA | DigiCert Inc (US) |
DigiCert Trusted Root G4 | DigiCert, Inc. (US) |
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA | DigiCert (US) |
ProductName | WinRAR |
CompanyName | Alexander Roshal |
FileDescription | WinRAR archiver |
FileVersion | 6.21.0 |
ProductVersion | 6.21.0 |
InternalName | WinRAR |
LegalCopyright | Copyright © Alexander Roshal 1993-2023 |
OriginalFilename | WinRAR.exe |
Translation | 0x0419 0x04e3 |
名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
---|---|---|---|---|---|---|
.text |
0x00001000 |
250,014 bytes | 250,368 bytes | 6.51 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
3B09718F91364436790CE10A71105786 |
.rdata |
0x0003f000 |
66,038 bytes | 66,048 bytes | 5.16 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
36C5E5F845C255D69699275CD49F09EA |
.data |
0x00050000 |
152,948 bytes | 5,120 bytes | 3.70 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
816906E83F771D9A4B25E43BF8D36DAB |
.pdata |
0x00076000 |
11,580 bytes | 11,776 bytes | 5.47 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
35FE6AB302FEE25751EBCB6DE339B16A |
.didat |
0x00079000 |
776 bytes | 1,024 bytes | 2.72 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
EE2F46922DA19D66C4EDD9983A9A02FE |
_RDATA |
0x0007a000 |
348 bytes | 512 bytes | 3.32 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
542A6DBF24D3142530D2EC51DD992ADD |
.rsrc |
0x0007b000 |
159,744 bytes | 156,160 bytes | 7.79 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E74F6FD9452E5F64DE54F230CE6A53D7 |
.reloc |
0x000a2000 |
2,316 bytes | 2,560 bytes | 5.20 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
CDD2F258B98EDEF9C659067796047B48 |
1 检测到高熵(≥7.5)的节 - 可能存在打包/加密
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
资源类型 | 数量 | 总大小 | 百分比 |
---|---|---|---|
PNG | 2 | 69,432 字节 | |
RT_ICON | 7 | 77,238 字节 | |
RT_DIALOG | 4 | 2,222 字节 | |
RT_STRING | 9 | 2,654 字节 | |
RT_GROUP_ICON | 1 | 104 字节 | |
RT_VERSION | 1 | 736 字节 | |
RT_MANIFEST | 1 | 1,872 字节 |
主题 |
GlobalSign CodeSigning CA - SHA256 - G3 GlobalSign nv-sa BE |
颁发者 | GlobalSign |
序列号 | 1462505465907667685259976282102477 |
主题 |
win.rar GmbH win.rar GmbH DE |
颁发者 | GlobalSign CodeSigning CA - SHA256 - G3 |
序列号 | 35626140423967868457733424021 |
主题 |
DigiCert Trusted Root G4 DigiCert Inc US |
颁发者 | DigiCert Assured ID Root CA |
序列号 | 19414496059604725969669510860671817818 |
主题 |
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA DigiCert, Inc. US |
颁发者 | DigiCert Trusted Root G4 |
序列号 | 9586110043380832440035821245782711899 |
主题 |
DigiCert Timestamp 2022 - 2 DigiCert US |
颁发者 | DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA |
序列号 | 16352681515936560713148055516499426650 |
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要