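Online Virus Checker | v.1.0.176.174 |
Database version: | 2024-05-20 18:00:27 |
This is a generic detection name used to identify potentially harmful or suspicious files or programs that show Trojan characteristics. A Trojan is malware that masquerades as a legitimate or benign program but contains malicious code or functionality.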
File | 88c7e2cfc25b4b4d07fe41f5c69d4c11ba1df9f7565249f97191d8cdb440ab12 |
Checked | 2024-05-20 15:32:09 |
MD5 | 327409de5de281521dd00b73c87c4443 |
SHA1 | 40f7065ec986ee451102a9f3564038eae4713e0c |
SHA256 | 88c7e2cfc25b4b4d07fe41f5c69d4c11ba1df9f7565249f97191d8cdb440ab12 |
SHA512 | 471ac9bd3c5c3a4f4c095edb6ed4b71a5a26137302ec2a9e26543eb6d68f4cda032f7bbcc1cc2cbb0e2f85bcb20370435d6084302eebdb916ff8783b5949ff46 |
Imphash | be41bf7b8cc010b614bd36bbca606973 |
File Size | 3547530 bytes |
Gridinsoft can identify and remove Malware.Win32.GenericMC.cc without further user intervention.
FileDescription | |
FileVersion | 1.0.0.0 |
LegalCopyright | King |
ProductVersion | 1.0.0.0 |
Translation | 0x0000 0x04b0 |
30adcb5c0b2e3c35eaec2c110733c9f8 c98f96d6ffe5af8d4eb0870c1dc20826 92e0b496a6cada72 |
Image Base: | 0x00400000 |
Entry Point: | 0x004038af |
Compilation: | 2012-02-24 19:20:04 |
Checksum: | 0x00000000 (Actual: 0x0036e614) |
OS Version: | 5.0 |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 6 |
Imports: | KERNEL32, USER32, GDI32, SHELL32, ADVAPI32, COMCTL32, ole32, VERSION, |
Exports: | 0 |
Resources: | 13 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0000728c | 0x00007400 | 419d4e1be1ac35a5db9c47f553b27cea | 6.50 |
.rdata | 0x00009000 | 0x00002b6e | 0x00002c00 | cca1ca3fbf99570f6de9b43ce767f368 | 4.50 |
.data | 0x0000c000 | 0x00072b9c | 0x00000200 | 77f0839f8ebea31040e462523e1c770e | 1.80 |
.ndata | 0x0007f000 | 0x000e1000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.rsrc | 0x00160000 | 0x000040e8 | 0x00004200 | 53d4247eb861d4be2cf1cd70682ff45f | 2.29 |
.reloc | 0x00165000 | 0x00000fd6 | 0x00001000 | ef47c39f20b68b98c681fcd9fd4f6838 | 1.58 |