| 文件名 | gta3.exe |
| 文件类型 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 扫描器版本 | 1.0.211.174 |
| 数据库版本 | 2025-03-27 07:01:14 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
81affe641445a3513e5701587d86d776
|
|
| SHA1 |
ae400b3aa02061403af78f0aba5e067ca3bae1d8
|
|
| SHA256 |
b8df59d7570cc60a3911ade3385789cf4c2570460df714b14773489e0bfba744
|
|
| SHA512 |
e34f929bca8239172964c0339147bb2b95ceba1bb2d80f344c2d92c05b669ed22aa16762500e4337d3e8a7de1b9bb769ccbdea8b5a51b0975facb0b1693c936b
|
|
| ImpHash |
6dae74551d850e0f45d731fdbb0099b7
|
| 图标 |
哈希: c66d6293215df1201d4ecabf4008a293
模糊: 6419e57b97dd783366d8688879a71b21 dHash: d4c0ead4b4f4daa0 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x005c1e70 |
| 编译时间 | 2002-04-30 17:02:12 |
| 校验和 | 0x00000000 (实际: 0x0024d19e) |
| 操作系统版本 | 1.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
9 库
ADVAPI32, DDRAW, DINPUT8, KERNEL32, USER32, WINMM, d3d8, mss32, ole32 |
| 导出 | 0 函数 |
| 资源 | 3 资源 |
| 节 | 13 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,974,840 bytes | 1,978,368 bytes | 6.46 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
E153E6D4ED003D922E8D354079E4D6D9 |
_rwcseg |
0x001e4000 |
893 bytes | 4,096 bytes | 1.77 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
247669EF68C1AD3D328539299CC997DD |
.rdata |
0x001e5000 |
9,410 bytes | 12,288 bytes | 4.28 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9F9FF74CB3686A9B041E318DFE260E00 |
.exc |
0x001e8000 |
436 bytes | 4,096 bytes | 0.83 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BE6A239F93F788995E4E31008AE3BDB8 |
.rsrc |
0x001e9000 |
2,842 bytes | 4,096 bytes | 3.02 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
22E156248BA7E92EF4E634C35F956151 |
.data |
0x001ea000 |
204,264 bytes | 204,800 bytes | 5.33 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
23F6A808156631F475850ECCD25030D3 |
.CRT |
0x0021c000 |
292 bytes | 4,096 bytes | 0.58 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
7DBCA7A36931805612ED407839685B93 |
.idata |
0x0021d000 |
5,441 bytes | 8,192 bytes | 4.15 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
8580D25CC67CD0C53911960D32CFFFD7 |
.tls |
0x0021f000 |
16 bytes | 4,096 bytes | 0.03 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
568B0B8E7A704415EA0144A56E5C46DF |
_rwdseg |
0x00220000 |
8 bytes | 4,096 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
620F0B67A91F7F74151BC5BE745B7110 |
.bss |
0x00221000 |
3,390,933 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.edata |
0x0055d000 |
1,294 bytes | 4,096 bytes | 1.14 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
5A830ED64B26006A46695C2C6CEAB550 |
.reloc |
0x0055e000 |
143,484 bytes | 147,456 bytes | 6.76 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
656B31E27ABD851744D2D9E72F256285 |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 1 | 2,216 字节 | |
| RT_DIALOG | 1 | 302 字节 | |
| RT_GROUP_ICON | 1 | 20 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
