| 文件名 | File-Call.of.Duty.Black.Ops.3.ALL.DLCs.tor_118880.exe |
| 文件类型 |
Win32 EXE
|
| 魔术字节 | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows |
| SSDEEP 哈希 |
49152:LkQqe5vs+HbhCc7YvgLPkLUX0FilDCIr1QN/WaW:LkQqeJs+HbhF7YvMvUiMI+Od
|
| 扫描器版本 | 1.0.151.174 |
| 数据库版本 | 2023-12-14 23:01:24 UTC |
被 6 个安全引擎检测到 - 需要谨慎
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
b06029e68c041684751eed9e63dcf164
|
|
| SHA1 |
cbc52ee56366468d0dbcf43f4058f6fd7ea70167
|
|
| SHA256 |
7d4311b7caba4881f54c5193b85ef22797896f30964cfc9deb9721e12f84969c
|
|
| SHA512 |
ffd8995e20a3601b3589fad68e633e27e2405e84119fa1bea6a18986dd3ce388168dc21e52bacb34ef3bc91fb782d2353858d14976da2720f384aa203a46e906
|
|
| ImpHash |
c818f0e720fa73c83a1e6c1fe7f04039
|
| 图标 |
哈希: 033742370ebe464335441b382d5837cd
模糊: 015d4d58d10a639fea46fa726821ed03 dHash: f0cc92868692ccf0 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x00402ed0 |
| 编译时间 | 1970-01-01 00:00:00 |
| 校验和 | 0x002be7db (实际: 0x002be7db) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
| 数字签名 | OK |
| 导入 |
10 库
kernel32, oleaut32, user32, advapi32, gdi32, version, shell32, ole32, comctl32, psapi |
| 导出 | 0 函数 |
| 资源 | 92 资源 |
| 节 | 8 节 |
| SSL.com EV Code Signing Intermediate CA RSA R3 | Digital Media Pros LLC (US) |
| SSL.com EV Root Certification Authority RSA R2 | SSL Corp (US) |
| CompanyName | SPARK Full Applications Systems |
| FileDescription | SPARK Full |
| InternalName | SPARKFull.exe |
| LegalCopyright | SPARK Full Applications Systems |
| OriginalFilename | SPARKFull.exe |
| ProductName | SPARK Full |
| ProductVersion | 1.0.0.0 |
| Comments | |
| FileVersion | 1.0.0.0 |
| LegalTrademarks | |
| Translation | 0x0409 0x04e4 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,437,920 bytes | 1,438,208 bytes | 6.25 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
947972E8CDA2624AE344196E2C229A2D |
.data |
0x00161000 |
725,412 bytes | 725,504 bytes | 7.38 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
F4BFEC033C094224FB277DEF358F4FE7 |
.rdata |
0x00213000 |
382,756 bytes | 382,976 bytes | 5.35 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
3F68943DF7A93262C7E0B4ADB2FA5724 |
.bss |
0x00271000 |
48,768 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.CRT |
0x0027d000 |
12 bytes | 512 bytes | 0.06 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
A703520858BF44A71D9CB449B416F049 |
.idata |
0x0027e000 |
12,565 bytes | 12,800 bytes | 5.28 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
1D5FA42B33F25EFDDD2010CECB8FA188 |
.rsrc |
0x00282000 |
132,680 bytes | 133,120 bytes | 5.07 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
66199CC8343A20663E2689EED2C46B2A |
.reloc |
0x002a3000 |
135,404 bytes | 135,680 bytes | 6.54 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
932FC65DAE62E480E16275FF4835ADF1 |
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_CURSOR | 26 | 16,968 字节 | |
| RT_ICON | 1 | 67,624 字节 | |
| RT_DIALOG | 1 | 50 字节 | |
| RT_RCDATA | 49 | 38,822 字节 | |
| RT_GROUP_CURSOR | 12 | 436 字节 | |
| RT_GROUP_ICON | 1 | 20 字节 | |
| RT_VERSION | 1 | 836 字节 | |
| RT_MANIFEST | 1 | 1,770 字节 |
| 主题 |
Digital Media Pros LLC Digital Media Pros LLC US |
| 颁发者 | SSL.com EV Code Signing Intermediate CA RSA R3 |
| 序列号 | 88401790483330143697796390301419409373 |
| 主题 |
SSL.com EV Code Signing Intermediate CA RSA R3 SSL Corp US |
| 颁发者 | SSL.com EV Root Certification Authority RSA R2 |
| 序列号 | 88120626561545005758442085613766983940 |
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
