| 文件名 | cs2-turnbinds.exe |
| 文件类型 |
PE32+ executable (console) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.210.174 |
| 数据库版本 | 2025-03-05 00:00:24 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
b700f1a99caf67a8820473a49c4c01b1
|
|
| SHA1 |
048efe58949824cd6ea40a8a3773f94ee2f123c8
|
|
| SHA256 |
aa84977114842ab0234203c2d15ab7433bb7fb1dc1890db8fcfb4a3b48583c97
|
|
| SHA512 |
2f6d242f6b44610287af60082d1088b089f483f920b147c5269b87e7b58445d774ce64e3a727db0b57d0c2d56da4b6fb4214567be755d2fe05dace2409cce274
|
|
| ImpHash |
b819c89ac9b569d0bbb77889674017b2
|
| 图标 |
哈希: 25208a751abb865c31f3667e7dacb973
模糊: eb7c4d1a9012001632e63ba7a887fdde dHash: f0c49223068ee4f0 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x1405c9020 |
| 编译时间 | 2023-11-30 08:27:44 |
| 校验和 | 0x00000000 (实际: 0x010a1760) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| PDB 路径 | D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\Corehost.Static\singlefilehost.pdb |
| 数字签名 | No valid SignedData structure was found. |
| 导入 | 17 库 |
| 导出 | 5 函数 |
| 资源 | 12 资源 |
| 节 | 10 节 |
| Translation | 0x0000 0x04b0 |
| CompanyName | cs2-turnbinds |
| FileDescription | cs2-turnbinds |
| FileVersion | 1.0.0.0 |
| InternalName | cs2-turnbinds.dll |
| LegalCopyright | |
| OriginalFilename | cs2-turnbinds.dll |
| ProductName | cs2-turnbinds |
| ProductVersion | 1.0.0+c48db7893a82aeccd7cee6eaf7378d5f0c14c169 |
| Assembly Version | 1.0.0.0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
6,379,036 bytes | 6,379,520 bytes | 6.45 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
F80DE735FFD91E81F7D251A4FB52B277 |
.CLR_UEF |
0x00617000 |
221 bytes | 512 bytes | 3.12 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
8862EA2C52E152B67F25B304B9699ECC |
.rdata |
0x00618000 |
1,561,714 bytes | 1,562,112 bytes | 5.67 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
1FC159B21038B673518A7F5FADADA66F |
.data |
0x00796000 |
130,884 bytes | 38,912 bytes | 3.32 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B87B3CE659BAECA00E23A596786950C7 |
.pdata |
0x007b6000 |
221,352 bytes | 221,696 bytes | 6.50 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
77B7AD9F9102A1F934B8BADBA067E677 |
.didat |
0x007ed000 |
56 bytes | 512 bytes | 0.41 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
7FFB1C6CBDA8BF1E2CF067B4FFB235F6 |
Section |
0x007ee000 |
8 bytes | 512 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BF619EAC0CDF3F68D496EA9344137E8B |
_RDATA |
0x007ef000 |
78,856 bytes | 79,360 bytes | 5.49 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BC5A683B4B69B98278ADA875463902DF |
.rsrc |
0x00803000 |
1,498,584 bytes | 1,498,624 bytes | 6.45 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
626BC28C7A37CDCE8AED05BFA9C8E94F |
.reloc |
0x00971000 |
32,304 bytes | 32,768 bytes | 5.44 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
FE150AB75B86810EBB80740F33262188 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 6 | 158,876 字节 | |
| RT_RCDATA | 3 | 1,337,432 字节 | |
| RT_GROUP_ICON | 1 | 90 字节 | |
| RT_VERSION | 1 | 828 字节 | |
| RT_MANIFEST | 1 | 490 字节 |
| 产品 | cs2-turnbinds |
| 描述 | cs2-turnbinds |
| 文件版本 | 1.0.0.0 |
| 原始名称 | cs2-turnbinds.dll |
| 内部名称 | cs2-turnbinds.dll |
33 00 00 05 15 B0 EF 41 0F A4 18 8F B1 00 00 00 00 05 1561 0C 52 4C 00 00 00 00 00 0333 00 00 01 CD 55 07 2A E7 CA C1 99 1D 00 01 00 00 01 CD33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15✓ 此文件已进行数字签名,证书链已验证。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
