| 文件名 | reshacker_setup.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.216.174 |
| 数据库版本 | 2025-05-17 21:00:24 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
0fa54be54c421f87da625916342520bc
|
|
| SHA1 |
177674653365c29f4da964beb023aa5a1fe06fbb
|
|
| SHA256 |
b611be2f35cb44efd1c29df03e7ebe62bd556a500585680e1afa5e073eaf1756
|
|
| SHA512 |
73edfef164fce793bd584f478948b5d9b7d4f2bb4d673bd5e331b7afe8585c3ff933d489cc6a302661d2478f121c9c9a77c68013c3df1f8aa8b49ea75ad9fe7a
|
|
| ImpHash |
5a594319a0d69dbc452e748bcf05892e
|
| 图标 |
哈希: b7c2cdc3e80130d70b04f44eb80ec0a8
模糊: 0fde2cb2f7b9c9287a5999aa3b8a3811 dHash: 222625ada6b5b112 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x004b5eec |
| 编译时间 | 2020-05-21 05:56:23 |
| 校验和 | 0x00000000 (实际: 0x00424ea2) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
7 库
kernel32, comctl32, version, user32, oleaut32, netapi32, advapi32 |
| 导出 | 3 函数 |
| 资源 | 25 资源 |
| 节 | 10 节 |
| Comments | This installation was built with Inno Setup. |
| CompanyName | Angus Johnson |
| FileDescription | Resource Hacker Setup |
| FileVersion | |
| LegalCopyright | |
| OriginalFileName | |
| ProductName | Resource Hacker |
| ProductVersion | 5.2.8 |
| Translation | 0x0000 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
734,724 bytes | 735,232 bytes | 6.35 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
364BC619A502D7F0A97ABA31E34B82D2 |
.itext |
0x000b5000 |
5,764 bytes | 6,144 bytes | 5.97 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
282B489EAC439B258C98EC516C03C2CD |
.data |
0x000b7000 |
14,244 bytes | 14,336 bytes | 5.04 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
342785CF6BA6DE905CA393413E77B906 |
.bss |
0x000bb000 |
28,064 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x000c2000 |
3,894 bytes | 4,096 bytes | 4.90 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
A73D686F1E8B9BB06EC767721135E397 |
.didata |
0x000c3000 |
420 bytes | 512 bytes | 2.76 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
41B8CE23DD243D14BEEBC71771885C89 |
.edata |
0x000c4000 |
154 bytes | 512 bytes | 1.87 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
43F8D31E224BBD887C839F21E694B898 |
.tls |
0x000c5000 |
24 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.rdata |
0x000c6000 |
93 bytes | 512 bytes | 1.38 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
8F2F090ACD9622C88A6A852E72F94E96 |
.rsrc |
0x000c7000 |
107,740 bytes | 108,032 bytes | 6.51 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9F5989D5BCA4AED25A59730243DB7D85 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 8 | 94,149 字节 | |
| RT_STRING | 11 | 8,040 字节 | |
| RT_RCDATA | 3 | 768 字节 | |
| RT_GROUP_ICON | 1 | 118 字节 | |
| RT_VERSION | 1 | 1,412 字节 | |
| RT_MANIFEST | 1 | 1,830 字节 |
| 产品 | Resource Hacker |
| 描述 | Resource Hacker Setup |
✓ 此文件已进行数字签名,证书链已验证。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
