在线病毒检测器 | v.1.0.182.174 |
数据库版本: | 2024-07-22 23:00:28 |
这是一个通用检测名称,用于识别具有特洛伊木马特征的潜在有害或可疑文件或程序。这是一种伪装成合法或良性程序但包含恶意代码或功能的恶意软件。
File | Setup.exe |
已检查 | 2024-07-22 20:19:44 |
MD5 | bffa63c509f84956b20afbbf80d762ec |
SHA1 | 568ddb8cc2038e21da8cc42ea2f08fb73be1cf04 |
SHA256 | a18fb5ee523e9e8894fb9075b5fa0781f40140a6bf4605feb081c5de008b337c |
SHA512 | 7e2654578c505c82749bea45ab7eb886d64c12be24bd0a85075b84193163b35ce359a996e17d1d4759e7cb7a2e51698305d08139f7700182ad260313e416d268 |
Imphash | a46ac714274c7f150eaa703de6d7fb57 |
File Size | 8356365 bytes |
Gridinsoft能够识别并消除Spy.Win32.Gen.tr,无需进一步的用户干预。
6d345a2d18a737105b8a673c950463bb 4a039548c40df7f264a87301ff29c38d b2a89c96a2cada72 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x00404b62 |
Compilation: | 2024-06-26 19:41:05 |
Checksum: | 0x08329af6 (Actual: 0x007fbd68) |
OS Version: | 4.0 |
PEiD: | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, Nullsoft Installer self-extracting archive |
Sign: | The expected hash does not match the digest in SpcInfo |
Sections: | 7 |
Imports: | ADVAPI32, COMCTL32, GDI32, KERNEL32, ole32, SHELL32, USER32, |
Exports: | 0 |
Resources: | 6 |
名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00009f9c | 0x0000a000 | 1685f4ba59a2f12ea5d99555c5f54e2b | 6.07 |
.data | 0x0000b000 | 0x00000108 | 0x00000200 | 2a66f5a1fb5b210ddb2778ef7b8f06f7 | 1.54 |
.rdata | 0x0000c000 | 0x00009b80 | 0x00009c00 | 1c58e9f1a36e878e04b6a354f00b0a72 | 6.84 |
.bss | 0x00016000 | 0x00048360 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.idata | 0x0005f000 | 0x00001428 | 0x00001600 | bdccc342d357c9c9d4097058e3be6eb7 | 5.18 |
.ndata | 0x00061000 | 0x00040000 | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
.rsrc | 0x000a1000 | 0x00000a78 | 0x00000c00 | f09ba0c9fb4a0b6fa8710357dc08c7cd | 4.26 |