| 文件名 | officedeploymenttool_12624-20320.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.217.174 |
| 数据库版本 | 2025-05-26 11:00:17 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
be58a0bc2395584d550f8219e3e590b6
|
|
| SHA1 |
0ea4d12ee043dd2ee81e507a967e7946d25b5040
|
|
| SHA256 |
ae1cfca801d21559032ecc5f44912b17735d85a8a568258e1a717a14c7738973
|
|
| SHA512 |
dca14225c541fddce7c56dc065b18621399179ee2dd7eba7cb3469849cb2a5969f55f28a44884b91bcd9f2effdc8f2a8072e236e2d2b2ae077ec2cd53ec37178
|
|
| ImpHash |
2b21f8d62cafb5f0144341ba9196ca74
|
| 图标 |
哈希: 7d46f4a81b3d747e911a7afbe2775658
模糊: 962c4e009b0a51701b23c5adbf2f2298 dHash: c1dcdccda6a8cec6 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x0042028c |
| 编译时间 | 2020-03-13 18:36:39 |
| 校验和 | 0x002dc785 (实际: 0x002dc785) |
| 操作系统版本 | 6.1 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| PDB 路径 | d:\dbs\el\feb\target\x86\ship\ses\x-none\opatchinst.pdb�0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
| 数字签名 | OK |
| 导入 |
5 库
KERNEL32, OLEAUT32, ADVAPI32, ole32, GDI32 |
| 导出 | 0 函数 |
| 资源 | 13 资源 |
| 节 | 5 节 |
| CompanyName | Microsoft Corporation |
| FileVersion | 16.0.12624.20320 |
| LegalTrademarks1 | Microsoft® is a registered trademark of Microsoft Corporation. |
| LegalTrademarks2 | Windows® is a registered trademark of Microsoft Corporation. |
| ProductVersion | 16.0.12624.20320 |
| Translation | 0x0000 0x04e4 |
| CompanyName | Microsoft Corporation |
| FileDescription | |
| FileVersion | 16.0.12624.20228 |
| InternalName | |
| LegalTrademarks1 | Microsoft® is a registered trademark of Microsoft Corporation. |
| LegalTrademarks2 | Windows® is a registered trademark of Microsoft Corporation. |
| OriginalFilename | |
| ProductName | |
| ProductVersion | 16.0.12624.20228 |
| Translation | 0x0000 0x04e4 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
222,100 bytes | 222,208 bytes | 6.55 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
3979F39DF44681070245BEF043388618 |
.rdata |
0x00038000 |
86,280 bytes | 86,528 bytes | 5.03 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A805691DA823D22F03B08AE960CCD26E |
.data |
0x0004e000 |
11,164 bytes | 8,704 bytes | 4.20 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E8229D2A123C9E355EE9860EFAAC5212 |
.rsrc |
0x00051000 |
15,732 bytes | 15,872 bytes | 3.86 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
64C0A0775D03ACAC83B4689655ECB193 |
.reloc |
0x00055000 |
16,016 bytes | 16,384 bytes | 6.63 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
C9798BE683EB16F2AF10E0EF2252BBF5 |
2 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 2 | 1,040 字节 | |
| RT_DIALOG | 6 | 1,652 字节 | |
| RT_RCDATA | 1 | 8,530 字节 | |
| RT_GROUP_ICON | 1 | 34 字节 | |
| RT_VERSION | 2 | 2,876 字节 | |
| RT_MANIFEST | 1 | 811 字节 |
| 文件版本 | 16.0.12624.20320 |
| 签名日期 | 11:19 PM 03/24/2020 (1901 天前) |
| 验证状态 | Signed |
| 签名者 | Microsoft Corporation; Microsoft Code Signing PCA 2010; Microsoft Root Certificate Authority 2010 |
| 副签名者 | Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010 |
33 00 00 02 CE 7C 9A CE 7D 90 5E D2 B7 00 00 00 00 02 CE61 0C 52 4C 00 00 00 00 00 0333 00 00 01 18 FE 3A F7 D9 1B D4 B1 33 00 00 00 00 01 1861 09 81 2A 00 00 00 00 00 02✓ 此文件已进行数字签名,证书链已验证。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
