| 文件名 | st-setup-1.8.16.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
| 扫描器版本 | 1.0.217.174 |
| 数据库版本 | 2025-06-04 23:00:23 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
9c42f5ccae30afc9c70c924d543924f8
|
|
| SHA1 |
4e3c555cfee82d23acfdda4754c0870f455156e8
|
|
| SHA256 |
80b6573208f2179c97ce64ff731269e349a07a3969c1198bf5a9092c5a01555c
|
|
| SHA512 |
51d5c449ce3070a2c080a81d14af74e1c5621e41057fd4c311aee1888322879b6fadef1bbdbd370bfaa00dd50a87df2d73943f96aff3ae5b1d4708505d8a6707
|
|
| ImpHash |
9be4f90f50c714bc00cc8beb2e137299
|
| 图标 |
哈希: 1f68469449203f3cada94f5dbaabc3a6
模糊: b1ddb325290248d14d9c2a1d95af387f dHash: 71d09a9c8ca6e470 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140004560 |
| 编译时间 | 2025-02-08 08:30:59 |
| 校验和 | 0x008341de (实际: 0x008341de) |
| 操作系统版本 | 5.1 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
| 数字签名 | OK |
| 导入 |
7 库
ADVAPI32, COMCTL32, GDI32, KERNEL32, ole32, SHELL32, USER32 |
| 导出 | 0 函数 |
| 资源 | 30 资源 |
| 节 | 9 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
36,272 bytes | 36,352 bytes | 6.26 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
E619E55DA8377022A30598086C39E5F9 |
.data |
0x0000a000 |
352 bytes | 512 bytes | 1.61 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9522341CC8EB98BFBDAC2291B63E359D |
.rdata |
0x0000b000 |
35,808 bytes | 35,840 bytes | 6.88 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
EAF560B554E440849EB9B6B11A27E17C |
.xdata |
0x00014000 |
1,196 bytes | 1,536 bytes | 3.74 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
00C196EDC58C2B233F505112E4453768 |
.pdata |
0x00015000 |
1,284 bytes | 1,536 bytes | 4.09 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
0B3D842F7BFC075790E1011BAA1E2BDB |
.bss |
0x00016000 |
246,560 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x00053000 |
6,552 bytes | 6,656 bytes | 4.60 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
16D5CFD7CA1196D3F9B64A92A6E0C987 |
.ndata |
0x00055000 |
630,784 bytes | 512 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BF619EAC0CDF3F68D496EA9344137E8B |
.rsrc |
0x000ef000 |
88,320 bytes | 88,576 bytes | 6.47 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
2ECC8D935A0EDE373387CDF67918D5E6 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 13 | 80,940 字节 | |
| RT_DIALOG | 15 | 4,512 字节 | |
| RT_GROUP_ICON | 1 | 188 字节 | |
| RT_MANIFEST | 1 | 1,079 字节 |
| 签名日期 | 11:50 AM 03/10/2025 (89 天前) |
| 验证状态 | Signed |
| 签名者 | Csnewnight Corporation; GlobalSign GCC R45 EV CodeSigning CA 2020; GlobalSign Code Signing Root R45; GlobalSign; GlobalSign Root CA - R1 |
| 副签名者 | DigiCert Timestamp 2024; DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA; DigiCert Trusted Root G4; DigiCert |
01 EE 5F 16 9D FF 97 35 2B 64 65 D6 6A78 03 18 42 45 70 8A 41 CF 6F 01 B8 EE B4 A9 5477 BD 0E 05 B7 59 0B B6 1D 47 61 53 1E 3F 75 ED08 D3 E7 63 B7 21 5E 05 1D 71 19 C40B AE 66 BC 5A BA 7F 95 87 C6 F9 E9 04 E3 33 0407 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A✓ 此文件已进行数字签名,证书链已验证。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
