| 文件名 | Adjprog.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.223.174 |
| 数据库版本 | 2025-09-01 02:00:46 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
b2a7561df72885e1231547506b1023b7
|
|
| SHA1 |
3dd30f32df0ddc436f445f007e77acb9054030a8
|
|
| SHA256 |
87b0cd451fe29514495d764d8fa55f5c5f02aef17add0395d7bd67f8e7c6ba8a
|
|
| SHA512 |
b969f6107a88f9c40057259e5b2bea906a25ea539cbeea8a05c126335d505cab905a5f87d677ee8dd032d40f99ec3df6b1991402888b9e626fe203f75869001f
|
|
| ImpHash |
6e156bc0df156c8c216cc8739b71c1bf
|
| 映像基址 | 0x00400000 |
| 入口点 | 0x00404659 |
| 编译时间 | 2000-03-17 23:52:40 |
| 校验和 | 0x00000000 (实际: 0x001a2422) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 | 12 库 |
| 导出 | 0 函数 |
| 资源 | 4 资源 |
| 节 | 5 节 |
| FileDescription | Adjustment program for EPSON Inkjet Printer / Scanner |
| FileVersion | 1, 0, 0, 0 |
| InternalName | AdjProg |
| LegalCopyright | Copyright (C) SEIKO EPSON CORPORATION 2002-2007. All rights reserved. |
| OriginalFilename | AdjProg.EXE |
| ProductName | Adjustment program for EPSON inkjet printer |
| ProductVersion | 1, 0, 0, 0 |
| Comments | Modified by an unpaid evaluation copy of Resource Tuner 2 (www.heaventools.com) |
| Translation | 0x0411 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.CODE |
0x00001000 |
12,910,592 bytes | 13,935 bytes | 7.23 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
581F705554C570FA21A5EAD24B90E88D |
.reloc |
0x00c51000 |
568,328,192 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_MEM_LOCKED
|
D41D8CD98F00B204E9800998ECF8427E |
.neaqui |
0x22a51000 |
1,630,208 bytes | 1,628,556 bytes | 7.97 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B3644266D1BCC7FEE119F42F10164713 |
.idata |
0x22bdf000 |
8,192 bytes | 5,324 bytes | 5.97 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E2E9F4FB65B60ED9AE536E75223B62D4 |
.rsrc |
0x22be1000 |
8,192 bytes | 4,728 bytes | 5.36 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
2EC75B413648AFF2C6BAF7983A9E1E7F |
1 检测到高熵(≥7.5)的节 - 可能存在打包/加密
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 1 | 3,240 字节 | |
| RT_GROUP_ICON | 1 | 20 字节 | |
| RT_VERSION | 1 | 1,076 字节 | |
| RT_MANIFEST | 1 | 86 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
