| 文件名 | crawly.exe |
| 文件类型 |
PE32+ executable (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.216.174 |
| 数据库版本 | 2025-05-09 17:00:20 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
6e1f2ad247f047616f2a921731838905
|
|
| SHA1 |
88071247aeb6b703a2b0382981355e36e4246f9c
|
|
| SHA256 |
a3ceb1c945fc0b3b07f509629a84224dd8d8482dd83b881f7a1b2d0f5514635e
|
|
| SHA512 |
1ad8383266d3a2eef3aa4e9394049222a9e83d41c1c230b433a72e2536cdb1bc24fd097aa495b462fc9afddef0d10fefe2f4088d2dcbdc37b72f73bcc31c23aa
|
|
| ImpHash |
d42595b695fc008ef2c56aabd8efd68e
|
| 映像基址 | 0x00400000 |
| 入口点 | 0x00473c60 |
| 编译时间 | 1970-01-01 00:00:00 |
| 校验和 | 0x00000000 (实际: 0x008358ae) |
| 操作系统版本 | 6.1 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
1 库
kernel32 |
| 导出 | 0 函数 |
| 资源 | 0 资源 |
| 节 | 15 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
2,707,225 bytes | 2,707,456 bytes | 6.23 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
BB6EFD7005AD1506551D266428CFA184 |
.rdata |
0x00296000 |
2,882,264 bytes | 2,882,560 bytes | 5.66 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
942DA29DF06B7E36084227295F7C0B6B |
.data |
0x00556000 |
593,568 bytes | 274,944 bytes | 5.04 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
8A8F3774AE5975E182D593526E617EC1 |
.pdata |
0x005e7000 |
60,852 bytes | 60,928 bytes | 5.45 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
1881C934C5C40FE4FD21D4A4B3EAFB9D |
.xdata |
0x005f6000 |
180 bytes | 512 bytes | 1.78 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
824BCA03C284624D1DCE3C66B77AA2D3 |
/4 |
0x005f7000 |
332 bytes | 512 bytes | 5.61 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
AAF28638A5FCA2AE9B61C2D0ECB5C6E7 |
/19 |
0x005f8000 |
483,808 bytes | 483,840 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
6B8A8DA9AB3CA290E2F3C30806C3807C |
/32 |
0x0066f000 |
100,272 bytes | 100,352 bytes | 7.94 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
40ACEA43F527CA4D9B86B807BC0F32AF |
/46 |
0x00688000 |
99 bytes | 512 bytes | 1.60 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
700834D1DF60CC9AE6885D9924F60878 |
/65 |
0x00689000 |
828,454 bytes | 828,928 bytes | 8.00 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
498BF4BE3152751DF842112A68E0B019 |
/78 |
0x00754000 |
606,268 bytes | 606,720 bytes | 7.99 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
3CA22D0454201DA1036E2BD69B1A6797 |
/90 |
0x007e9000 |
181,964 bytes | 182,272 bytes | 7.81 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
301CFA6485342972DB8FFFE1BE7E344F |
.idata |
0x00816000 |
1,342 bytes | 1,536 bytes | 3.95 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
84774875179705D26C1F688D3161F10C |
.reloc |
0x00817000 |
55,228 bytes | 55,296 bytes | 5.45 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
D49704ECC3A422BD5FA8F7B675D101F5 |
.symtab |
0x00825000 |
399,894 bytes | 400,384 bytes | 5.29 (正常) |
IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
3E3F7757D33B747BDF15C052BA94612C |
5 检测到高熵(≥7.5)的节 - 可能存在打包/加密
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
