| 文件名 | crypted.exe |
| 文件类型 |
Win32 EXE
|
| 魔术字节 | PE32+ executable (GUI) x86-64, for MS Windows |
| SSDEEP 哈希 |
12288:mRE7TyeUkQxUBtSHZgre0Sj5ZBjo9roS6:mRE7T0kQGtSHzZBjo9roS6
|
| 扫描器版本 | 1.0.220.174 |
| 数据库版本 | 2025-07-11 18:00:24 UTC |
被 10 个安全引擎检测到 - 需要谨慎
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
ef3dd1fa9b57cb70b683555980b43492
|
|
| SHA1 |
7356e2df9917c367ea3d5259438b4eff4362f78a
|
|
| SHA256 |
cada75115e2c88c4a09beaf537c086b03aa6b0ff0e673b30caf8bae3b2a03257
|
|
| SHA512 |
0793f45af477c25ec59e673c12dfb7460274f39ec9179edf3669d87762995d893402158940ce04890bf4129ebf59fa4986f46874878fb9b7699c4d4677560198
|
|
| ImpHash |
18dab03703c959cb60a55a05c890cae8
|
| 映像基址 | 0x140000000 |
| 入口点 | 0x14000132b |
| 编译时间 | 1970-01-01 00:00:00 |
| 校验和 | 0x000ae677 (实际: 0x000ae677) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
4 库
KERNEL32, msvcrt, SHELL32, USER32 |
| 导出 | 0 函数 |
| 资源 | 0 资源 |
| 节 | 17 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
118,320 bytes | 118,784 bytes | 6.24 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
C2DDF10C8EA3B7D462BF484C4F7CCB7B |
.data |
0x0001e000 |
163,136 bytes | 163,328 bytes | 3.98 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E664B775D6E3C06CD6F6387A1DF038E6 |
.rdata |
0x00046000 |
19,616 bytes | 19,968 bytes | 4.93 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
60DAEFE50D2D0E32FD1532A684D8CEE2 |
.pdata |
0x0004b000 |
14,208 bytes | 14,336 bytes | 5.46 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
61D84CB48F564ED71928DED09DE52690 |
.xdata |
0x0004f000 |
11,684 bytes | 11,776 bytes | 4.08 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
75ECA88DC922C46B9F690D763DF1B861 |
.bss |
0x00052000 |
3,152 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x00053000 |
4,404 bytes | 4,608 bytes | 3.96 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
97F398EBCF8472AAD553ECC21C8DDE1E |
.tls |
0x00055000 |
16 bytes | 512 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BF619EAC0CDF3F68D496EA9344137E8B |
.reloc |
0x00056000 |
1,100 bytes | 1,536 bytes | 4.52 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
94B2D47A4896B8FE38697166126E3834 |
/4 |
0x00057000 |
176 bytes | 512 bytes | 0.60 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
A2CBC4D69A9E911FB0C8FE650BC57534 |
/19 |
0x00058000 |
18,956 bytes | 19,456 bytes | 5.76 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
2C4F3CE6BDA7C51CA5E05F59E0332C99 |
/31 |
0x0005d000 |
2,118 bytes | 2,560 bytes | 4.38 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
98FB64F9EC8915CB5A4825473806EF6B |
/45 |
0x0005e000 |
2,249 bytes | 2,560 bytes | 4.52 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
50E8923B9A9B6FF54B3EDDB0ADDDE99A |
/57 |
0x0005f000 |
984 bytes | 1,024 bytes | 3.67 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
D88756C5367F7A1D7653895FA6566CE1 |
/70 |
0x00060000 |
168 bytes | 512 bytes | 2.41 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
A11AD7E3390329ABC69674049C407B58 |
/81 |
0x00061000 |
738 bytes | 1,024 bytes | 4.02 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
56A99C417E2BE861C632F9976BF651BF |
/97 |
0x00062000 |
1,541 bytes | 2,048 bytes | 3.94 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
E3D9A662D7707E5DFEF34843F1F113E6 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
