| 文件名 | windhawk_setup.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
| 扫描器版本 | 1.0.215.174 |
| 数据库版本 | 2025-05-02 14:00:23 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
4d929356f81932b635f57371cda36bb7
|
|
| SHA1 |
812500aa7af1bd5b40f7c2402cec4a9b6457d77e
|
|
| SHA256 |
a37f8d5be2216f55c9c624fed32272b6baab68a67c2b8c2f5f1d5e86b889d244
|
|
| SHA512 |
00287b16f322e2a49e93b7ccc5cf11ca184681b42bd12be25e41e5c9b263457634f93338fca4150bed64013e1e79435d0bf4c3be9683d343226c5364ceff305a
|
|
| ImpHash |
46ce5c12b293febbeb513b196aa7f843
|
| 图标 |
哈希: 3ec9345d7754cf36d229914a62e120cd
模糊: e9b82cdeb58f9d18fce85bb840ab4458 dHash: 8e60f0a078d81b86 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x0040369f |
| 编译时间 | 2025-03-08 23:05:20 |
| 校验和 | 0x00a62d82 (实际: 0x00a62d82) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
| 数字签名 | OK |
| 导入 |
7 库
ADVAPI32, SHELL32, ole32, COMCTL32, USER32, GDI32, KERNEL32 |
| 导出 | 0 函数 |
| 资源 | 35 资源 |
| 节 | 5 节 |
| CompanyName | Ramen Software |
| FileDescription | Windhawk |
| FileVersion | 1.6.1 |
| LegalCopyright | https://windhawk.net/ |
| ProductName | Windhawk |
| ProductVersion | 1.6.1 |
| Translation | 0x0409 0x04e4 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
26,385 bytes | 26,624 bytes | 6.45 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
AFB6C5993570F82E85EC446BBB886505 |
.rdata |
0x00008000 |
4,952 bytes | 5,120 bytes | 5.10 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E913094D8CCEACA6B405BBBB52936387 |
.data |
0x0000a000 |
129,912 bytes | 1,536 bytes | 4.12 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9D011BEBA2FE64A93F62FBB227CC9C35 |
.ndata |
0x0002a000 |
196,608 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.rsrc |
0x0005a000 |
55,176 bytes | 55,296 bytes | 4.53 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
0740A0412925CFA2D87DF70CD22CFA8A |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_BITMAP | 1 | 1,638 字节 | |
| RT_ICON | 6 | 42,214 字节 | |
| RT_DIALOG | 25 | 7,510 字节 | |
| RT_GROUP_ICON | 1 | 90 字节 | |
| RT_VERSION | 1 | 568 字节 | |
| RT_MANIFEST | 1 | 1,249 字节 |
| 产品 | Windhawk |
| 描述 | Windhawk |
| 文件版本 | 1.6.1 |
| 签名日期 | 06:08 PM 04/30/2025 (53 天前) |
| 验证状态 | Signed |
| 签名者 | Michael Maltsev; Microsoft ID Verified CS AOC CA 02; Microsoft ID Verified Code Signing PCA 2021; Microsoft Identity Verification Root Certificate Authority 2020 |
| 副签名者 | Microsoft Public RSA Time Stamping Authority; Microsoft Public RSA Timestamping CA 2020; Microsoft Identity Verification Root Certificate Authority 2020 |
| 版权 | https://windhawk.net/ |
54 98 D2 D1 D4 5B 19 95 48 13 79 C8 11 C0 87 9933 00 03 8A 21 44 53 AC F7 5E FF 59 87 00 00 00 03 8A 2133 00 00 00 04 96 50 4B D2 DB EE CB 88 00 00 00 00 00 0433 00 00 00 07 87 A3 34 A3 7B A5 8E 1C 00 00 00 00 00 0733 00 00 00 05 E5 CF 0F FF 66 2E C9 87 00 00 00 00 00 0533 00 00 00 4F 34 B5 07 C1 2B 97 54 FC 00 00 00 00 00 4F✓ 此文件已进行数字签名,证书链已验证。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
