| 文件名 | $RJ8YOBW.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.217.174 |
| 数据库版本 | 2025-06-05 00:00:25 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
ee91d61ba59659d23eba4347995163bc
|
|
| SHA1 |
0362620666679b00aa193c2f132a58893eee7deb
|
|
| SHA256 |
94f53bb832539ea02d6ce581d7c1fcc36228e04a611b8dcfe797ad4bbc0a45c1
|
|
| SHA512 |
b94dcaefdd341977ed4585e56ece0a8f6abaa119cde9a8bff1a75ab26c6766231126ed7685f6303908d0ce43c2d2cb154b985cdeb604a7d0a438f7c2634a092e
|
|
| ImpHash |
e277f1464e7729ad9df5ec047611738a
|
| 图标 |
哈希: 91b5a8a9d575ee26aa4c2c523b1a6ff6
模糊: 55e2141428e2c028871090bc99abe1a9 dHash: ec1af2fc3828e6c1 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x004302e5 |
| 编译时间 | 2024-03-22 22:14:43 |
| 校验和 | 0x01b65cc7 (实际: 0x01b65cc7) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| PDB 路径 | C:\agent\_work\36\s\wix\build\ship\x86\burn.pdb |
| 数字签名 | OK |
| 导入 |
8 库
ADVAPI32, USER32, OLEAUT32, GDI32, SHELL32, ole32, KERNEL32, RPCRT4 |
| 导出 | 0 函数 |
| 资源 | 16 资源 |
| 节 | 6 节 |
| CompanyName | Python Software Foundation |
| FileDescription | Python 3.13.4 (64-bit) |
| FileVersion | 3.13.4150.0 |
| InternalName | setup |
| LegalCopyright | Copyright (c) Python Software Foundation. All rights reserved. |
| OriginalFilename | python-3.13.4-amd64.exe |
| ProductName | Python 3.13.4 (64-bit) |
| ProductVersion | 3.13.4150.0 |
| Translation | 0x0409 0x04e4 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
313,918 bytes | 314,368 bytes | 6.58 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
6815C282E1BC693149A4065A4B552600 |
.rdata |
0x0004e000 |
128,550 bytes | 129,024 bytes | 5.08 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
B06EC0F7AEC92EC457D68A2887BDC39F |
.data |
0x0006e000 |
6,204 bytes | 3,072 bytes | 2.87 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
350A688B66A5DDC1EA1D1A0CC2D04020 |
.wixburn |
0x00070000 |
56 bytes | 512 bytes | 0.75 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
76DD5F1C648EEF40E983BC7B84005AF4 |
.rsrc |
0x00071000 |
91,644 bytes | 91,648 bytes | 6.26 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F551F431A9071CA7B8CB86FF3E4CD810 |
.reloc |
0x00088000 |
16,060 bytes | 16,384 bytes | 6.75 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
AC56AC7D93B473EBE9A2A079106F6056 |
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 12 | 78,130 字节 | |
| RT_MESSAGETABLE | 1 | 10,304 字节 | |
| RT_GROUP_ICON | 1 | 174 字节 | |
| RT_VERSION | 1 | 888 字节 | |
| RT_MANIFEST | 1 | 1,234 字节 |
| 产品 | Python 3.13.4 (64-bit) |
| 描述 | Python 3.13.4 (64-bit) |
| 文件版本 | 3.13.4150.0 |
| 原始名称 | python-3.13.4-amd64.exe |
| 签名日期 | 07:16 PM 06/03/2025 (3 天前) |
| 验证状态 | Signed |
| 签名者 | Python Software Foundation; Microsoft ID Verified CS EOC CA 02; Microsoft ID Verified Code Signing PCA 2021; Microsoft Identity Verification Root Certificate Authority 2020 |
| 副签名者 | Microsoft Public RSA Time Stamping Authority; Microsoft Public RSA Timestamping CA 2020; Microsoft Identity Verification Root Certificate Authority 2020 |
| 内部名称 | setup |
| 版权 | Copyright (c) Python Software Foundation. All rights reserved. |
✓ 此文件已进行数字签名,证书链已验证。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
