| 文件名 | tkcon.exe |
| 文件类型 |
PE32+ executable (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.217.174 |
| 数据库版本 | 2025-05-31 02:00:17 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
437c3ebef4c0762e6b687e8509bbc44a
|
|
| SHA1 |
ba42f0a689653572ab4fad26b46ae248735fd6c9
|
|
| SHA256 |
aa20617f88364b61f8c9451820f5c91dd4089f5ee2bbecbbcb0909918c1ddf5d
|
|
| SHA512 |
976b9a9db997ced753736ac8b4c67bd53c7ba8fd537d81dd27d921e4b169b2995ffa2a92338b2974bba84ca3ee83653a7ffd942523f8a2c0628a24c91fb6ca92
|
|
| ImpHash |
2093333e1a32b7afde05fa1ceb0b462c
|
| 映像基址 | 0x00400000 |
| 入口点 | 0x00d50720 |
| 编译时间 | 2025-05-22 18:15:58 |
| 校验和 | 0x00bc92d1 (实际: 0x00bc92d1) |
| 操作系统版本 | 5.2 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| 数字签名 | OK |
| 导入 | 23 库 |
| 导出 | 3 函数 |
| 资源 | 147 资源 |
| 节 | 11 节 |
| ProductName | Gridinsoft® Anti-Malware |
| ProductVersion | 4.3.61 |
| CompanyName | Gridinsoft LLC |
| LegalCopyright | © Gridinsoft LLC, 2025 |
| LegalTrademarks | Gridinsoft® |
| InternalName | tkcon |
| OriginalFilename | tkcon.exe |
| FileVersion | 4.3.61.5853 |
| FileDescription | Anti-Malware Console |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
9,933,672 bytes | 9,933,824 bytes | 5.72 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
0992A948EE6994718D20328F17E7CA4B |
.data |
0x0097b000 |
945,232 bytes | 945,664 bytes | 5.01 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
80B05DAE497732E0F1BD7DB4A27085A6 |
.bss |
0x00a62000 |
691,888 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x00b0b000 |
25,168 bytes | 25,600 bytes | 4.46 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B62858F0E4CA0093877650065EFFAC31 |
.didata |
0x00b12000 |
5,418 bytes | 5,632 bytes | 3.40 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
3B047EE98D2BA508052EF7362C6FD9E7 |
.edata |
0x00b14000 |
151 bytes | 512 bytes | 1.84 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C4E754043F0ACB046D94CE12BDAFAD65 |
.tls |
0x00b15000 |
664 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.rdata |
0x00b16000 |
109 bytes | 512 bytes | 1.38 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
0DA3728AD8853D5A48770E3F837AA3EC |
.reloc |
0x00b17000 |
474,792 bytes | 475,136 bytes | 6.47 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
6805383E0A6E431D62AA858B9BE2E2A4 |
.pdata |
0x00b8b000 |
513,468 bytes | 513,536 bytes | 6.53 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
7D1CC6459B0F413B2B6FFCC7B9C6BDE1 |
.rsrc |
0x00c09000 |
381,440 bytes | 381,440 bytes | 5.98 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
4F4AEB3D8034CCFFA74F0CF0A557B1CC |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| UNICODEDATA | 6 | 191,535 字节 | |
| RT_CURSOR | 21 | 10,868 字节 | |
| RT_BITMAP | 5 | 2,432 字节 | |
| RT_STRING | 68 | 78,564 字节 | |
| RT_RCDATA | 25 | 88,338 字节 | |
| RT_GROUP_CURSOR | 21 | 420 字节 | |
| RT_VERSION | 1 | 812 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
