| 文件名 | uploaded |
| 文件类型 |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MS CAB-Installer self-extracting archive
|
| 扫描器版本 | 1.0.140.174 |
| 数据库版本 | 2023-09-29 09:01:06 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
e5b132a19c1b0ee2e60e0bfc4088faa1
|
|
| SHA1 |
fb178ab6aadb4e11da80c2614938c87437a3b768
|
|
| SHA256 |
7c2e73a4eb06a61c61c7fa141b9d34838feaa7f155fa62f5793218fef76f0742
|
|
| SHA512 |
1002b43a47f8f37fff0b535d73dbedea40e2e1bcf7cd30a849908215607524c8c9ce616eb1bc4a8d2830958e8e89fc5291a3b8f7834fe7036be1f085a8cc08bf
|
|
| ImpHash |
b83464d8132ecd9f810820e192566e15
|
| 图标 |
哈希: e8da5abe9752f0a27e183894c8881ac0
模糊: c5dace78993d50eaedeb05b7c48ce608 dHash: 848c5454baf47474 |
| 映像基址 | 0x01000000 |
| 入口点 | 0x01002749 |
| 编译时间 | 1997-09-11 12:14:59 |
| 校验和 | 0x00606ccc (实际: 0x00606ccc) |
| 操作系统版本 | 5.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MS CAB-Installer self-extracting archive
|
| 数字签名 | Chain verification from OU=Microsoft Corporation, CN=Microsoft Corporation, L=Redmond, ST=Washington, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98, OU=VeriSign Commercial Software Publishers CA, O=VeriSign\, Inc., L=Internet (serial:113054657339103270637650726727089002036, sha1:8aa137f5039fe028c926aa5590141968faffe81a) failed: hash_algorithm must be one of "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "raw", not 'md2' |
| 导入 |
6 库
ADVAPI32, KERNEL32, GDI32, USER32, COMCTL32, VERSION |
| 导出 | 0 函数 |
| 资源 | 35 资源 |
| 节 | 3 节 |
| VeriSign, Inc. () | |
| VeriSign Trust Network () | |
| VeriSign, Inc. () | |
| VeriSign, Inc. (US) |
| CompanyName | Microsoft Corporation |
| FileDescription | DirectX cabpack for eng |
| FileVersion | 4.07.00.0700 |
| InternalName | DXSetup.exe |
| LegalCopyright | Copyright (c) Microsoft Corp. 1994-1999 |
| OriginalFilename | DXSetup.exe |
| ProductName | Microsoft(R) DirectX for Windows(R) 95 and 98 |
| ProductVersion | 4.07.00.0700 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
36,552 bytes | 36,864 bytes | 6.50 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
BA1EA12C5B73B18C0E72EA096B6F3BCA |
.data |
0x0000a000 |
7,180 bytes | 1,024 bytes | 4.10 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
A8800423228F9A86657C80297A8CE5F0 |
.rsrc |
0x0000c000 |
6,262,784 bytes | 6,261,760 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
EF1370BBEBAEE36A35420116B3B23CC6 |
1 检测到高熵(≥7.5)的节 - 可能存在打包/加密
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| AVI | 1 | 11,802 字节 | |
| RT_ICON | 2 | 1,040 字节 | |
| RT_DIALOG | 6 | 2,356 字节 | |
| RT_STRING | 8 | 7,910 字节 | |
| RT_RCDATA | 16 | 6,235,186 字节 | |
| RT_GROUP_ICON | 1 | 34 字节 | |
| RT_VERSION | 1 | 872 字节 |
| 主题 |
未知 VeriSign, Inc. |
| 颁发者 | 未知 |
| 序列号 | 5023855872279352123395851980929394448 |
| 主题 |
未知 VeriSign Trust Network |
| 颁发者 | 未知 |
| 序列号 | 111541778252975528690535198869081121416482608785 |
| 主题 |
未知 VeriSign, Inc. |
| 颁发者 | 未知 |
| 序列号 | 1079391857917959709816657706482406088780238689376 |
| 主题 |
Microsoft Corporation VeriSign, Inc. US |
| 颁发者 | 未知 |
| 序列号 | 113054657339103270637650726727089002036 |
Chain verification from OU=Microsoft Corporation, CN=Microsoft Corporation, L=Redmond, ST=Washington, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98, OU=VeriSign Commercial Software Publishers CA, O=VeriSign\, Inc., L=Internet (serial:113054657339103270637650726727089002036, sha1:8aa137f5039fe028c926aa5590141968faffe81a) failed: hash_algorithm must be one of "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "raw", not 'md2'
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
