| 文件名 | Saimin_Gakushu_crack.exe |
| 文件类型 |
Win32 EXE
|
| 魔术字节 | PE32 executable (GUI) Intel 80386, for MS Windows |
| SSDEEP 哈希 |
98304:qX0qQK870mS9EIKDUHO0EFuTYWO3332bloT20o1S19/d8HV:a0qQDu3TsXPTKy+1
|
| 扫描器版本 | 1.0.219.174 |
| 数据库版本 | 2025-06-28 14:00:23 UTC |
被 9 个安全引擎检测到 - 需要谨慎
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
21bd36f37c242aaff515b9a80e1d8ac5
|
|
| SHA1 |
c63aefa73a03fd88832f52e2b99f16c02111d433
|
|
| SHA256 |
be1eca70b9fb75a16340fec627fb7297f681b7b273b94820c8f0643fd053fae9
|
|
| SHA512 |
bf9727e2b8dedd4b13836e2166c68413e91969b64a8ed3376dd38fd53a3081485572e091143364dfdc99f3fbee9e052546e0149cc2b75d45f0dde8b5b39d7e91
|
|
| ImpHash |
5a0442226fe0b9600b096203c2d8114b
|
| 图标 |
哈希: 784721e04c71d42069824090c3b81acf
模糊: 9135e6613db2e7b18933858f9e7d647e dHash: 4a584cc7c3e67575 |
| 映像基址 | 0x00400000 |
| 入口点 | 0x0047227e |
| 编译时间 | 2021-09-15 13:04:57 |
| 校验和 | 0x0020d5a2 (实际: 0x0063a989) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 | 15 库 |
| 导出 | 0 函数 |
| 资源 | 15 资源 |
| 节 | 11 节 |
| Comments | |
| CompanyName | |
| FileDescription | |
| FileVersion | 1, 0, 0, 0 |
| InternalName | |
| LegalCopyright | |
| LegalTrademarks | |
| OriginalFilename | |
| PrivateBuild | |
| ProductName | YU-RIS Script Engine |
| ProductVersion | 0, 555, 0, 0 |
| SpecialBuild | |
| Translation | 0x0411 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,531,904 bytes | 1,528,832 bytes | 6.75 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
345733E4989B87D3D30A37FBB87E9153 |
.rdata |
0x00177000 |
147,456 bytes | 147,456 bytes | 5.23 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9450EC0D0D7C0271D949288E584CD34E |
.data |
0x0019b000 |
3,002,368 bytes | 120,320 bytes | 5.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
5BA2AA0E272C5D8C590AF4AE980969B4 |
_RDATA |
0x00478000 |
28,672 bytes | 26,624 bytes | 5.64 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BE49B6018B0F1D0C931D7E9136DD500F |
.data1 |
0x0047f000 |
4,096 bytes | 512 bytes | 3.03 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BA082D3CC3E8CD5D9282677E7951D88F |
.sxdata |
0x00480000 |
4,096 bytes | 512 bytes | 0.04 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_LNK_INFO|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
0BB5022D59B138015CAD65FD5AA26745 |
.rsrc�a |
0x00481000 |
290,816 bytes | 289,280 bytes | 6.57 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D0F8A105E686777999EB458D68A5C651 |
.ierdata |
0x004c8000 |
110,592 bytes | 106,496 bytes | 3.52 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
85715383DCAB7BB8E84E2DA0423870A2 |
.xfudata |
0x004e3000 |
110,592 bytes | 105,984 bytes | 7.98 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
080A2406ED2A1CE1A7FE4986E79B0106 |
.imrdata |
0x004fe000 |
4,161,536 bytes | 4,161,024 bytes | 7.09 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
0A3E93DCC759A87515D49B5E8167F89D |
.ZDFX |
0x008f6000 |
8,557 bytes | 8,704 bytes | 4.70 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
3AB1A85A98E01D7C8244D40BAF362B1F |
1 检测到高熵(≥7.5)的节 - 可能存在打包/加密
3 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| YS_BIN | 1 | 4 字节 | |
| YS_RES | 1 | 4 字节 | |
| RT_ICON | 4 | 285,408 字节 | |
| RT_DIALOG | 6 | 822 字节 | |
| RT_GROUP_ICON | 1 | 62 字节 | |
| RT_VERSION | 1 | 724 字节 | |
| RT_MANIFEST | 1 | 940 字节 |
| 产品 | YU-RIS Script Engine |
| 文件版本 | 1, 0, 0, 0 |
✓ 此文件已进行数字签名,证书链已验证。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
