| 在线病毒检测器 | v.1.0.209.174 |
| 数据库版本: | 2025-02-20 09:00:24 |
这是一个通用检测名称,用于识别具有特洛伊木马特征的潜在有害或可疑文件或程序。这是一种伪装成合法或良性程序但包含恶意代码或功能的恶意软件。
| File | System Volume Information.exe |
| 已检查 | 2025-02-20 07:47:45 |
| MD5 | 0257768c8752ca1d48d7d7ff9f05f916 |
| SHA1 | b6a4eaaf25d605346b315b27e6bb676f4faa90df |
| SHA256 | 770cb24a37645b0a963993cf9a675790ec292fd96a925b66010dd958f821057d |
| SHA512 | 5ff8637895eac7c5527c90bbfa268a0c9e06773678998708d9c93197037c4a31dff1d26a68944395c667ec699429d38b0ad7d5afd9d8f94bc40f3daaedbfb7bc |
| Imphash | 615518f3f02e889c7833f5c4b75dd175 |
| File Size | 1310288 bytes |
Gridinsoft能够识别并消除Trojan.Win32.Gen.sd!s1,无需进一步的用户干预。
 |
e5885c12587351b5d8edf333ae42ca75 e90a02f9e466a3f7e15ccb9697a3b7c5 7c646464e4c4f4e4 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00401240 |
| Compilation: | 2013-01-06 16:09:30 |
| Checksum: | 0x0014f302 (Actual: 0x0014f352) |
| OS Version: | 4.0 |
| PEiD: | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows |
| Sign: | No valid SignedData structure was found. |
| Sections: | 8 |
| Imports: | ADVAPI32, GDI32, KERNEL32, msvcrt, SHELL32, SHLWAPI, USER32, WININET, WINMM, WS2_32, |
| Exports: | 44 |
| Resources: | 2 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000ef970 | 0x000efa00 | ca78f5dc8b69065378c2ab35af522a56 | 6.41 |
| .data | 0x000f1000 | 0x0000ff90 | 0x00010000 | 1194951d1ac3b2ea85e307633501aece | 4.86 |
| .rdata | 0x00101000 | 0x0002ff14 | 0x00030000 | 999b517efa4d99cb3c117bdd5b5b1d37 | 6.07 |
| .bss | 0x00131000 | 0x00007ff0 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .edata | 0x00139000 | 0x000004c6 | 0x00000600 | c9e1c9e889321ec988b8ab41c2a257c6 | 4.54 |
| .idata | 0x0013a000 | 0x00001a54 | 0x00001c00 | 0cc8fdf5f98162dafd22cd31359eb1d8 | 4.99 |
| .rsrc | 0x0013c000 | 0x00002660 | 0x00002800 | 820ed5d615bea116db78b0734e3c8aa5 | 4.27 |
| .reloc | 0x0013f000 | 0x0000b4ac | 0x0000b600 | f9515f1dc173e27c09e35c3b52e06b28 | 6.57 |
