| 文件名 | Sims2EP9.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.213.174 |
| 数据库版本 | 2025-04-13 21:00:29 UTC |
恶意软件家族: Heuristic
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
1a9ff4743bdbab7831fe933395904887
|
|
| SHA1 |
9db4772a9097d13ca1b73bc17f5f181a8dbc8fcf
|
|
| SHA256 |
982bbeaec78bd85a3b53348429e760c0cda654124f9aa30baa56898e34235dc1
|
|
| SHA512 |
e637d7e7cdfdc0ff87484be162b6d60f1d40372199fb81140368b111c44c358f107844d8312d3522f37eabe9a69c75e028a2450782e6a7277f6e25e5dabaea03
|
|
| ImpHash |
79cfc2555c8b2450f7d3c12c9bd847af
|
| 图标 |
哈希: c38425488c645e3d646ae8b987076612
模糊: bbf46efc2e8de21e2a6e9063d7559cb9 dHash: 71f0f2e2b2b2f071 |
| 映像基址 | 0xa0000000 |
| 入口点 | 0xa09bf128 |
| 编译时间 | 2025-04-07 18:52:50 |
| 校验和 | 0x013d7742 (实际: 0x013db328) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| PDB 路径 | C:\dev\sims2remaster\DL\out\ReleaseSRT\Sims2EP9.pdb |
| 数字签名 | The expected hash does not match the digest in SpcInfo |
| 导入 | 19 库 |
| 导出 | 20 函数 |
| 资源 | 9 资源 |
| 节 | 7 节 |
| Comments | built 2025-04-07-1147, by RWS2-SIMSLEBLD1$ on RWS2-SIMSLEBLD1 |
| CompanyName | Maxis, a division of Electronic Arts Inc. |
| FileDescription | The Sims 2 Legacy |
| FileVersion | 1.18.0.189 |
| LegalCopyright | Copyright © 2004-2025 Electronic Arts Inc. All rights reserved. |
| OriginalFilename | Sims2SP9.exe |
| ProductName | The Sims 2 EP9 |
| ProductVersion | 1.18.0.189 |
| SpecialBuild | ReleaseSRT |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
16,020,142 bytes | 16,020,480 bytes | 6.65 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
B44DA64511A0BEE6C2B02FE23BCF8523 |
.rdata |
0x00f49000 |
2,738,616 bytes | 2,738,688 bytes | 5.79 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
372092E8A06FE5BB6A2EF4F54572E06A |
.data |
0x011e6000 |
1,330,420 bytes | 1,035,776 bytes | 5.08 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
EC8A34EBB9A2B87E9EF867A1D935080C |
LBMPEG_D |
0x0132b000 |
1,024 bytes | 1,024 bytes | 6.57 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
CF906ABFA348E1875CE312BE69408588 |
.rsrc |
0x0132c000 |
12,088 bytes | 12,288 bytes | 5.27 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
ECB737DE3A1BDA63B8722F88DA5EC34B |
.reloc |
0x0132f000 |
942,188 bytes | 942,592 bytes | 6.47 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
5AC5B206AA14A74D86F45FD2BBB50EF2 |
.anadius |
0x01416000 |
1,810 bytes | 2,048 bytes | 1.04 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
1F60B56577C2C03D3FDEC567022515D5 |
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 6 | 10,032 字节 | |
| RT_GROUP_ICON | 1 | 90 字节 | |
| RT_VERSION | 1 | 1,028 字节 | |
| RT_MANIFEST | 1 | 381 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
The expected hash does not match the digest in SpcInfo
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
