| 文件名 | asset.module.xdl64 |
| 文件类型 |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.143.174 |
| 数据库版本 | 2023-10-19 22:04:50 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
d0d30abc70c8db98608b32f45f89d7a4
|
|
| SHA1 |
ebf4de71ff36b27caee72233bcfd867e0224ddac
|
|
| SHA256 |
75fc6bc36cef15c471207be95d3a7f3c3ffa46bd0fc2bc09d81ce0198798f55a
|
|
| SHA512 |
ae87d17ae5ba681dc2a68195453b52db35be22b64c1342960476630608e796053aec075978b2ebe31456fa99eee4a1c677adee06748eb5cac79cc15cedef859e
|
|
| ImpHash |
295bc123c7279e6a71b251637d575f00
|
| 映像基址 | 0x180000000 |
| 入口点 | 0x1802fb4a0 |
| 编译时间 | 2023-09-19 09:55:24 |
| 校验和 | 0x00461579 (实际: 0x00456305) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
| PDB 路径 | asset.module.pdb |
| 数字签名 | The expected hash does not match the digest in SpcInfo |
| 导入 |
8 库
KERNEL32, VCRUNTIME140, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-time-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-math-l1-1-0 |
| 导出 | 2 函数 |
| 资源 | 0 资源 |
| 节 | 8 节 |
| DigiCert Trusted Root G4 | DigiCert, Inc. (US) |
| DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Maxon Computer GmbH (DE) |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
3,123,398 bytes | 3,123,712 bytes | 6.26 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
18DCEA7B08A2818588F4789987CEE8DD |
.rdata |
0x002fc000 |
1,093,856 bytes | 1,094,144 bytes | 5.60 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F4CB0761C09DD004FE2246655808E0E6 |
.data |
0x00408000 |
346,864 bytes | 11,776 bytes | 5.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
8479F919FECC4052F20C4814F3FFC625 |
.pdata |
0x0045d000 |
270,504 bytes | 270,848 bytes | 6.43 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C28B3A38260CB0777DE94567598D5DC9 |
.00cfg |
0x004a0000 |
40 bytes | 512 bytes | 0.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
0ED5E73E0D937B5B7EFC191197858977 |
.gehcont |
0x004a1000 |
8 bytes | 512 bytes | 0.04 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
DC321E42915077577C88357D00FB5C38 |
.tls |
0x004a2000 |
9 bytes | 512 bytes | 0.02 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
1F354D76203061BFDD5A53DAE48D5435 |
.reloc |
0x004a3000 |
3,632 bytes | 4,096 bytes | 5.22 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
760D05B7A19E6C86686A73609E014BDC |
| 主题 |
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 DigiCert, Inc. US |
| 颁发者 | DigiCert Trusted Root G4 |
| 序列号 | 11533403529598586876501374841704918745 |
| 主题 |
Maxon Computer GmbH Maxon Computer GmbH DE |
| 颁发者 | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 |
| 序列号 | 6146216351206576261920951423240227356 |
The expected hash does not match the digest in SpcInfo
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
